Search

Find a vulnerability

Search criteria

    80 vulnerabilities by Technicolor

    VAR-201710-1433

    Vulnerability from variot - Updated: 2026-04-10 23:34

    Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state.

    Ubuntu Security Notice USN-3430-3 January 04, 2018

    dnsmasq regression

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 12.04 ESM

    Summary:

    USN-3430-2 introduced regression in Dnsmasq.

    Software Description: - dnsmasq: Small caching DNS proxy and DHCP/TFTP server

    Details:

    USN-3430-2 fixed several vulnerabilities. The update introduced a new regression that breaks DNS resolution. This update addresses the problem.

    We apologize for the inconvenience.

    Original advisory details:

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14491)

    Felix Wilhelm, Fermin J. (CVE-2017-14492)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 requests. (CVE-2017-14493)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this issue to cause Dnsmasq to consume memory, resulting in a denial of service. (CVE-2017-14495)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14496)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 12.04 ESM: dnsmasq=C2=A02.59-4ubuntu0.4 dnsmasq-base2.59-4ubuntu0.4 dnsmasq-utils2.59-4ubuntu0.4

    After a standard system update you need to reboot your computer to make all the necessary changes. 7.3) - ppc64, ppc64le, s390x, x86_64

    1. This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless. (CVE-2017-14493)

    2. An information leak was found in dnsmasq in the DHCPv6 relay code. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: dnsmasq security update Advisory ID: RHSA-2017:2839-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2839 Issue date: 2017-10-02 CVE Names: CVE-2017-14491 =====================================================================

    1. Summary:

    An update for dnsmasq is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco Extended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update Support.

    Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.6) - x86_64

    1. Description:

    The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.

    Security Fix(es):

    • A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. (CVE-2017-14491)

    Red Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. Serna (Google Security Team), Gabriel Campana (Google Security Team), Kevin Hamacher (Google Security Team), and Ron Bowes (Google Security Team) for reporting this issue.

    1. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies

    1. Package List:

    Red Hat Enterprise Linux HPC Node EUS (v. 6.7):

    Source: dnsmasq-2.48-16.el6_7.1.src.rpm

    x86_64: dnsmasq-2.48-16.el6_7.1.x86_64.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm

    Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7):

    x86_64: dnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm dnsmasq-utils-2.48-16.el6_7.1.x86_64.rpm

    Red Hat Enterprise Linux Server AUS (v. 6.2):

    Source: dnsmasq-2.48-5.el6_2.2.src.rpm

    x86_64: dnsmasq-2.48-5.el6_2.2.x86_64.rpm dnsmasq-debuginfo-2.48-5.el6_2.2.x86_64.rpm

    Red Hat Enterprise Linux Server AUS (v. 6.4):

    Source: dnsmasq-2.48-13.el6_4.1.src.rpm

    x86_64: dnsmasq-2.48-13.el6_4.1.x86_64.rpm dnsmasq-debuginfo-2.48-13.el6_4.1.x86_64.rpm

    Red Hat Enterprise Linux Server AUS (v. 6.5):

    Source: dnsmasq-2.48-13.el6_5.1.src.rpm

    x86_64: dnsmasq-2.48-13.el6_5.1.x86_64.rpm dnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm

    Red Hat Enterprise Linux Server TUS (v. 6.5):

    Source: dnsmasq-2.48-13.el6_5.1.src.rpm

    x86_64: dnsmasq-2.48-13.el6_5.1.x86_64.rpm dnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm

    Red Hat Enterprise Linux Server AUS (v. 6.6):

    Source: dnsmasq-2.48-14.el6_6.1.src.rpm

    x86_64: dnsmasq-2.48-14.el6_6.1.x86_64.rpm dnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm

    Red Hat Enterprise Linux Server TUS (v. 6.6):

    Source: dnsmasq-2.48-14.el6_6.1.src.rpm

    x86_64: dnsmasq-2.48-14.el6_6.1.x86_64.rpm dnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm

    Red Hat Enterprise Linux Server EUS (v. 6.7):

    Source: dnsmasq-2.48-16.el6_7.1.src.rpm

    i386: dnsmasq-2.48-16.el6_7.1.i686.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.i686.rpm

    ppc64: dnsmasq-2.48-16.el6_7.1.ppc64.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.ppc64.rpm

    s390x: dnsmasq-2.48-16.el6_7.1.s390x.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.s390x.rpm

    x86_64: dnsmasq-2.48-16.el6_7.1.x86_64.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm

    Red Hat Enterprise Linux Server Optional AUS (v. 6.4):

    Source: dnsmasq-2.48-13.el6_4.1.src.rpm

    x86_64: dnsmasq-debuginfo-2.48-13.el6_4.1.x86_64.rpm dnsmasq-utils-2.48-13.el6_4.1.x86_64.rpm

    Red Hat Enterprise Linux Server Optional AUS (v. 6.5):

    Source: dnsmasq-2.48-13.el6_5.1.src.rpm

    x86_64: dnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm dnsmasq-utils-2.48-13.el6_5.1.x86_64.rpm

    Red Hat Enterprise Linux Server Optional TUS (v. 6.5):

    Source: dnsmasq-2.48-13.el6_5.1.src.rpm

    x86_64: dnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm dnsmasq-utils-2.48-13.el6_5.1.x86_64.rpm

    Red Hat Enterprise Linux Server Optional AUS (v. 6.6):

    x86_64: dnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm dnsmasq-utils-2.48-14.el6_6.1.x86_64.rpm

    Red Hat Enterprise Linux Server Optional TUS (v. 6.6):

    x86_64: dnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm dnsmasq-utils-2.48-14.el6_6.1.x86_64.rpm

    Red Hat Enterprise Linux Server Optional EUS (v. 6.7):

    i386: dnsmasq-debuginfo-2.48-16.el6_7.1.i686.rpm dnsmasq-utils-2.48-16.el6_7.1.i686.rpm

    ppc64: dnsmasq-debuginfo-2.48-16.el6_7.1.ppc64.rpm dnsmasq-utils-2.48-16.el6_7.1.ppc64.rpm

    s390x: dnsmasq-debuginfo-2.48-16.el6_7.1.s390x.rpm dnsmasq-utils-2.48-16.el6_7.1.s390x.rpm

    x86_64: dnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm dnsmasq-utils-2.48-16.el6_7.1.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2017-14491 https://access.redhat.com/security/updates/classification/#critical https://access.redhat.com/security/vulnerabilities/3199382

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iD8DBQFZ0nLUXlSAg2UNWIIRAn39AKDCsn16dEmmA7DazjU2IOpWLIFp8QCeODoG 7t7GGwkabW2pC2Wcr35n/G8= =S/6b -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201710-27


                                           https://security.gentoo.org/
    

    Severity: Normal Title: Dnsmasq: Multiple vulnerabilities Date: October 23, 2017 Bugs: #632692 ID: 201710-27


    Synopsis

    Multiple vulnerabilities have been found in Dnsmasq, the worst of which may allow remote attackers to execute arbitrary code.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-dns/dnsmasq < 2.78 >= 2.78

    Description

    Multiple vulnerabilities have been discovered in Dnsmasq.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Dnsmasq users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.78"

    References

    [ 1 ] CVE-2017-14491 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491 [ 2 ] CVE-2017-14492 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492 [ 3 ] CVE-2017-14493 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493 [ 4 ] CVE-2017-14494 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494 [ 5 ] CVE-2017-14495 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495 [ 6 ] CVE-2017-14496 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    https://security.gentoo.org/glsa/201710-27

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "diskstation manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "synology",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "arubanetworks",
            "version": "8.1.0.4"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "arubanetworks",
            "version": "6.5.3.0"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "eos",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "arista",
            "version": "4.17.8m"
          },
          {
            "_id": null,
            "model": "linux for tegra",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "nvidia",
            "version": "r21.6"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "scalance m-800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "siemens",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "arubanetworks",
            "version": "6.5.4.0"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "12.04"
          },
          {
            "_id": null,
            "model": "eos",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "arista",
            "version": "4.18"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "arubanetworks",
            "version": "6.3.1.25"
          },
          {
            "_id": null,
            "model": "eos",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "arista",
            "version": "4.17"
          },
          {
            "_id": null,
            "model": "linux enterprise debuginfo",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "arubanetworks",
            "version": "6.5.1.9"
          },
          {
            "_id": null,
            "model": "eos",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "arista",
            "version": "4.15"
          },
          {
            "_id": null,
            "model": "diskstation manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "synology",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "_id": null,
            "model": "eos",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "arista",
            "version": "4.18.4.2f"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "arubanetworks",
            "version": "8.1.0.0"
          },
          {
            "_id": null,
            "model": "ruggedcom rm1224",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "siemens",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "arubanetworks",
            "version": "6.4.4.0"
          },
          {
            "_id": null,
            "model": "diskstation manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "synology",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "12"
          },
          {
            "_id": null,
            "model": "geforce experience",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "nvidia",
            "version": "3.10.0.55"
          },
          {
            "_id": null,
            "model": "router manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "synology",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "honor v9 play",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "jimmy-al00ac00b135"
          },
          {
            "_id": null,
            "model": "dnsmasq",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "thekelleys",
            "version": "2.77"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "arubanetworks",
            "version": "6.4.4.16"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "linux for tegra",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "nvidia",
            "version": "r24.2.2"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "arubanetworks",
            "version": "6.3.1"
          },
          {
            "_id": null,
            "model": "geforce experience",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "nvidia",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "arubanetworks",
            "version": "6.5.0.0"
          },
          {
            "_id": null,
            "model": "eos",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "arista",
            "version": "4.16"
          },
          {
            "_id": null,
            "model": "scalance w1750d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "siemens",
            "version": "6.5.1.5"
          },
          {
            "_id": null,
            "model": "scalance s615",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "siemens",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "eos",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "arista",
            "version": "4.16.13m"
          },
          {
            "_id": null,
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "linux enterprise point of sale",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dnsmasq",
            "version": null
          },
          {
            "_id": null,
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "_id": null,
            "model": "red hat enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
            "version": null
          },
          {
            "_id": null,
            "model": "red hat enterprise linux workstation",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
            "version": null
          },
          {
            "_id": null,
            "model": "red hat enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
            "version": null
          },
          {
            "_id": null,
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "_id": null,
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "_id": null,
            "model": "dnsmasq",
            "scope": null,
            "trust": 0.8,
            "vendor": "thekelleys",
            "version": null
          },
          {
            "_id": null,
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "thekelleys",
            "version": "2.77"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-747"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008618"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14491"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Gabriel Campana, Kevin Hamacher and Ron Bowes of the Google Security Team,Felix Wilhelm, Fermin J. Serna",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-747"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2017-14491",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2017-14491",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-14491",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-14491",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-14491",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-14491",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201709-747",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-14491",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14491"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-747"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008618"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14491"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. \n===========================================================================\nUbuntu Security Notice USN-3430-3\nJanuary 04, 2018\n\ndnsmasq regression\n===========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 ESM\n\nSummary:\n\nUSN-3430-2 introduced regression in Dnsmasq. \n\nSoftware Description:\n- dnsmasq: Small caching DNS proxy and DHCP/TFTP server\n\nDetails:\n\nUSN-3430-2 fixed several vulnerabilities. The update introduced a new\nregression that breaks DNS resolution. This update addresses the\nproblem. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. \n(CVE-2017-14491)\n\nFelix Wilhelm, Fermin J. (CVE-2017-14492)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DHCPv6 requests. \n(CVE-2017-14493)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. A remote\nattacker could use this issue to cause Dnsmasq to consume memory,\nresulting in a denial of service. (CVE-2017-14495)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14496)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 ESM:\n dnsmasq=C2=A02.59-4ubuntu0.4\n dnsmasq-base2.59-4ubuntu0.4\n dnsmasq-utils2.59-4ubuntu0.4\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. 7.3) - ppc64, ppc64le, s390x, x86_64\n\n3. This issue only affected\nconfigurations using one of these options: enable-ra, ra-only, slaac,\nra-names, ra-advrouter, or ra-stateless. (CVE-2017-14493)\n\n* An information leak was found in dnsmasq in the DHCPv6 relay code. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: dnsmasq security update\nAdvisory ID:       RHSA-2017:2839-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:2839\nIssue date:        2017-10-02\nCVE Names:         CVE-2017-14491 \n=====================================================================\n\n1. Summary:\n\nAn update for dnsmasq is now available for Red Hat Enterprise Linux 6.2\nAdvanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update\nSupport, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat\nEnterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise\nLinux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco\nExtended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update\nSupport. \n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64\nRed Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.2) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.4) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.6) - x86_64\nRed Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 6.6) - x86_64\n\n3. Description:\n\nThe dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name\nServer) forwarder and DHCP (Dynamic Host Configuration Protocol) server. \n\nSecurity Fix(es):\n\n* A heap buffer overflow was found in dnsmasq in the code responsible for\nbuilding DNS replies. \n(CVE-2017-14491)\n\nRed Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. \nSerna (Google Security Team), Gabriel Campana (Google Security Team), Kevin\nHamacher (Google Security Team), and Ron Bowes (Google Security Team) for\nreporting this issue. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies\n\n6. Package List:\n\nRed Hat Enterprise Linux HPC Node EUS (v. 6.7):\n\nSource:\ndnsmasq-2.48-16.el6_7.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-16.el6_7.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional EUS (v. 6.7):\n\nx86_64:\ndnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm\ndnsmasq-utils-2.48-16.el6_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.2):\n\nSource:\ndnsmasq-2.48-5.el6_2.2.src.rpm\n\nx86_64:\ndnsmasq-2.48-5.el6_2.2.x86_64.rpm\ndnsmasq-debuginfo-2.48-5.el6_2.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.4):\n\nSource:\ndnsmasq-2.48-13.el6_4.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-13.el6_4.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-13.el6_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.5):\n\nSource:\ndnsmasq-2.48-13.el6_5.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-13.el6_5.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 6.5):\n\nSource:\ndnsmasq-2.48-13.el6_5.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-13.el6_5.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.6):\n\nSource:\ndnsmasq-2.48-14.el6_6.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-14.el6_6.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 6.6):\n\nSource:\ndnsmasq-2.48-14.el6_6.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-14.el6_6.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 6.7):\n\nSource:\ndnsmasq-2.48-16.el6_7.1.src.rpm\n\ni386:\ndnsmasq-2.48-16.el6_7.1.i686.rpm\ndnsmasq-debuginfo-2.48-16.el6_7.1.i686.rpm\n\nppc64:\ndnsmasq-2.48-16.el6_7.1.ppc64.rpm\ndnsmasq-debuginfo-2.48-16.el6_7.1.ppc64.rpm\n\ns390x:\ndnsmasq-2.48-16.el6_7.1.s390x.rpm\ndnsmasq-debuginfo-2.48-16.el6_7.1.s390x.rpm\n\nx86_64:\ndnsmasq-2.48-16.el6_7.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4):\n\nSource:\ndnsmasq-2.48-13.el6_4.1.src.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.48-13.el6_4.1.x86_64.rpm\ndnsmasq-utils-2.48-13.el6_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5):\n\nSource:\ndnsmasq-2.48-13.el6_5.1.src.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm\ndnsmasq-utils-2.48-13.el6_5.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 6.5):\n\nSource:\ndnsmasq-2.48-13.el6_5.1.src.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm\ndnsmasq-utils-2.48-13.el6_5.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.6):\n\nx86_64:\ndnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm\ndnsmasq-utils-2.48-14.el6_6.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 6.6):\n\nx86_64:\ndnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm\ndnsmasq-utils-2.48-14.el6_6.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 6.7):\n\ni386:\ndnsmasq-debuginfo-2.48-16.el6_7.1.i686.rpm\ndnsmasq-utils-2.48-16.el6_7.1.i686.rpm\n\nppc64:\ndnsmasq-debuginfo-2.48-16.el6_7.1.ppc64.rpm\ndnsmasq-utils-2.48-16.el6_7.1.ppc64.rpm\n\ns390x:\ndnsmasq-debuginfo-2.48-16.el6_7.1.s390x.rpm\ndnsmasq-utils-2.48-16.el6_7.1.s390x.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm\ndnsmasq-utils-2.48-16.el6_7.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-14491\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://access.redhat.com/security/vulnerabilities/3199382\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFZ0nLUXlSAg2UNWIIRAn39AKDCsn16dEmmA7DazjU2IOpWLIFp8QCeODoG\n7t7GGwkabW2pC2Wcr35n/G8=\n=S/6b\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201710-27\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Dnsmasq: Multiple vulnerabilities\n     Date: October 23, 2017\n     Bugs: #632692\n       ID: 201710-27\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Dnsmasq, the worst of which\nmay allow remote attackers to execute arbitrary code. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-dns/dnsmasq               \u003c 2.78                     \u003e= 2.78 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Dnsmasq. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Dnsmasq users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-dns/dnsmasq-2.78\"\n\nReferences\n==========\n\n[ 1 ] CVE-2017-14491\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491\n[ 2 ] CVE-2017-14492\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492\n[ 3 ] CVE-2017-14493\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493\n[ 4 ] CVE-2017-14494\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494\n[ 5 ] CVE-2017-14495\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495\n[ 6 ] CVE-2017-14496\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201710-27\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2017 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-14491"
          },
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008618"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14491"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144474"
          },
          {
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144481"
          },
          {
            "db": "PACKETSTORM",
            "id": "144482"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "PACKETSTORM",
            "id": "144472"
          }
        ],
        "trust": 3.15
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=42941",
            "trust": 0.1,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14491"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-14491",
            "trust": 4.1
          },
          {
            "db": "CERT/CC",
            "id": "VU#973527",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "101085",
            "trust": 1.7
          },
          {
            "db": "BID",
            "id": "101977",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039474",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-689071",
            "trust": 1.7
          },
          {
            "db": "PACKETSTORM",
            "id": "144480",
            "trust": 1.7
          },
          {
            "db": "EXPLOIT-DB",
            "id": "42941",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-332-01",
            "trust": 1.4
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-24-074-07",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU93453933",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU93656033",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008618",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-747",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14491",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145652",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144474",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144477",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144469",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144481",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144482",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144706",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144472",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14491"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144474"
          },
          {
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144481"
          },
          {
            "db": "PACKETSTORM",
            "id": "144482"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "PACKETSTORM",
            "id": "144472"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-747"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008618"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14491"
          }
        ]
      },
      "id": "VAR-201710-1433",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4630627775
      },
      "last_update_date": "2026-04-10T23:34:02.101000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Multiple\u00a0Critical\u00a0and\u00a0Important\u00a0vulnerabilities",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3430-1/"
          },
          {
            "title": "Dnsmasq Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92843"
          },
          {
            "title": "Red Hat: Critical: dnsmasq security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172838 - Security Advisory"
          },
          {
            "title": "Red Hat: Critical: dnsmasq security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172841 - Security Advisory"
          },
          {
            "title": "Red Hat: Critical: dnsmasq security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172840 - Security Advisory"
          },
          {
            "title": "Red Hat: Critical: dnsmasq security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172839 - Security Advisory"
          },
          {
            "title": "Red Hat: Critical: dnsmasq security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172837 - Security Advisory"
          },
          {
            "title": "Red Hat: Critical: dnsmasq security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172836 - Security Advisory"
          },
          {
            "title": "Debian CVElist Bug Report Logs: dnsmasq: CVE-2017-13704: Size parameter overflow via large DNS query",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=fa8aad66cae5df51d49e1cdce2fe4a42"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-14491"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-2"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq regression",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-3"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3989-1 dnsmasq -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=5c18698ecfe74c7de381531f8ed44dcf"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=7f490a104360d6f65bee18ec7bfa18a3"
          },
          {
            "title": "Amazon Linux 2: ALAS2-2019-1251",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2019-1251"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-1] dnsmasq: multiple issues",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-1"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2017-907",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2017-907"
          },
          {
            "title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=b1921e7bf61366a1d7f889a7cdefa932"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6283337cd31f81f24d445925f2138c0e"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
          },
          {
            "title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
            "trust": 0.1,
            "url": "https://github.com/suhaad79/aws-k8s-kops-ansible "
          },
          {
            "title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
            "trust": 0.1,
            "url": "https://github.com/calvinkkd/aws-k8s-kkd-ansible "
          },
          {
            "title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
            "trust": 0.1,
            "url": "https://github.com/simonelle/aws-k8s-kops-ansible "
          },
          {
            "title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
            "trust": 0.1,
            "url": "https://github.com/scholzj/aws-k8s-kops-ansible "
          },
          {
            "title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
            "trust": 0.1,
            "url": "https://github.com/bisiman2/aws-k8s-kops-ansible "
          },
          {
            "title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
            "trust": 0.1,
            "url": "https://github.com/honey336/-aws-k8s-kops-ansible "
          },
          {
            "title": "Kubernetes setup on Amazon AWS using Kops and Ansible -1\naws-k8s-kops-ansible\naws-k8s-kops-ansible\naws-k8s-kops-ansible\naws-k8s-kops-ansible",
            "trust": 0.1,
            "url": "https://github.com/Andreadote/aws-k8s-kops-ansible "
          },
          {
            "title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
            "trust": 0.1,
            "url": "https://github.com/RavitejaAdepudi/KopsCluster "
          },
          {
            "title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
            "trust": 0.1,
            "url": "https://github.com/lorerunner/devops_kubenerates_aws "
          },
          {
            "title": "Kaosagnt\u0027s Ansible Everyday Utils",
            "trust": 0.1,
            "url": "https://github.com/kaosagnt/ansible-everyday "
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/lnick2023/nicenice "
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/qazbnm456/awesome-cve-poc "
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/google-warns-of-dos-and-rce-bugs-in-dnsmasq/128238/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14491"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-747"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008618"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "Buffer error (CWE-119) [NVD evaluation ]",
            "trust": 0.8
          },
          {
            "problemtype": " Heap-based buffer overflow (CWE-122) [IPA evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008618"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14491"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.2,
            "url": "https://www.kb.cert.org/vuls/id/973527"
          },
          {
            "trust": 2.9,
            "url": "http://www.securityfocus.com/bid/101085"
          },
          {
            "trust": 2.8,
            "url": "https://www.debian.org/security/2017/dsa-3989"
          },
          {
            "trust": 2.5,
            "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
          },
          {
            "trust": 2.2,
            "url": "https://access.redhat.com/security/vulnerabilities/3199382"
          },
          {
            "trust": 1.9,
            "url": "https://access.redhat.com/errata/rhsa-2017:2838"
          },
          {
            "trust": 1.9,
            "url": "http://www.ubuntu.com/usn/usn-3430-1"
          },
          {
            "trust": 1.8,
            "url": "https://www.exploit-db.com/exploits/42941/"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:2841"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:2840"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:2839"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:2837"
          },
          {
            "trust": 1.8,
            "url": "https://security.gentoo.org/glsa/201710-27"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-3430-3"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039474"
          },
          {
            "trust": 1.7,
            "url": "http://thekelleys.org.uk/dnsmasq/changelog"
          },
          {
            "trust": 1.7,
            "url": "https://access.redhat.com/errata/rhsa-2017:2836"
          },
          {
            "trust": 1.7,
            "url": "http://www.ubuntu.com/usn/usn-3430-2"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"
          },
          {
            "trust": 1.7,
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/101977"
          },
          {
            "trust": 1.7,
            "url": "https://www.synology.com/support/security/synology_sa_17_59_dnsmasq"
          },
          {
            "trust": 1.7,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-005.txt"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"
          },
          {
            "trust": 1.7,
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4560"
          },
          {
            "trust": 1.7,
            "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449"
          },
          {
            "trust": 1.7,
            "url": "http://packetstormsecurity.com/files/144480/dnsmasq-2-byte-heap-based-overflow.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30"
          },
          {
            "trust": 1.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14491"
          },
          {
            "trust": 1.4,
            "url": "http://www.thekelleys.org.uk/dnsmasq/doc.html"
          },
          {
            "trust": 1.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-332-01"
          },
          {
            "trust": 1.1,
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3ba=commit%3bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc"
          },
          {
            "trust": 1.1,
            "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"
          },
          {
            "trust": 1.1,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5mmpcjoyppl4b5rby4u425pwg7eetdtd/"
          },
          {
            "trust": 1.1,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/yxrz2w6tv6nlujc5nofbsg6pzsmdtypv/"
          },
          {
            "trust": 1.1,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527knn34rn2sb6mbjg7cksebwye3tjeb/"
          },
          {
            "trust": 1.1,
            "url": "https://access.redhat.com/security/cve/cve-2017-14491"
          },
          {
            "trust": 0.8,
            "url": "https://www.ruckuswireless.com/security"
          },
          {
            "trust": 0.8,
            "url": "https://www.zyxel.com/support/announcement_dnsmasq_vulnerabilities.shtml"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu93453933/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/vu/jvnvu93656033/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-07"
          },
          {
            "trust": 0.7,
            "url": "https://access.redhat.com/security/cve/cve-2017-14493"
          },
          {
            "trust": 0.7,
            "url": "https://access.redhat.com/security/cve/cve-2017-14494"
          },
          {
            "trust": 0.7,
            "url": "https://access.redhat.com/security/cve/cve-2017-14492"
          },
          {
            "trust": 0.6,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5mmpcjoyppl4b5rby4u425pwg7eetdtd/"
          },
          {
            "trust": 0.6,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14496.py"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/security/cve/cve-2017-14496"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/security/cve/cve-2017-14495"
          },
          {
            "trust": 0.6,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409bug1495409"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/security/cve/cve-2017-13704"
          },
          {
            "trust": 0.6,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495510"
          },
          {
            "trust": 0.6,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495416"
          },
          {
            "trust": 0.6,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495415"
          },
          {
            "trust": 0.6,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495412"
          },
          {
            "trust": 0.6,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495411"
          },
          {
            "trust": 0.6,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495410"
          },
          {
            "trust": 0.6,
            "url": "https://source.android.com/security/bulletin/2017-10-01"
          },
          {
            "trust": 0.6,
            "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2017\u0026m=slackware-security.601472"
          },
          {
            "trust": 0.6,
            "url": "https://github.com/kubernetes/kubernetes/blob/master/changelog.md"
          },
          {
            "trust": 0.6,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14495.py"
          },
          {
            "trust": 0.6,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14494.py"
          },
          {
            "trust": 0.6,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14493.py"
          },
          {
            "trust": 0.6,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14492.py"
          },
          {
            "trust": 0.6,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14491.py"
          },
          {
            "trust": 0.6,
            "url": "http://www.thekelleys.org.uk/dnsmasq/changelog"
          },
          {
            "trust": 0.6,
            "url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html"
          },
          {
            "trust": 0.6,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/527knn34rn2sb6mbjg7cksebwye3tjeb/"
          },
          {
            "trust": 0.6,
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc"
          },
          {
            "trust": 0.6,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/yxrz2w6tv6nlujc5nofbsg6pzsmdtypv/"
          },
          {
            "trust": 0.6,
            "url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html"
          },
          {
            "trust": 0.6,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-332-01"
          },
          {
            "trust": 0.5,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.5,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14494"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14492"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14493"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14496"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14495"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/suhaad79/aws-k8s-kops-ansible"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/scholzj/aws-k8s-kops-ansible"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/bugs/1741262"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.76-5ubuntu0.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.75-1ubuntu0.16.04.3"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.68-1ubuntu0.2"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14495"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14493"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14492"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14491"
          },
          {
            "trust": 0.1,
            "url": "https://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14496"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14494"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14491"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144474"
          },
          {
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144481"
          },
          {
            "db": "PACKETSTORM",
            "id": "144482"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "PACKETSTORM",
            "id": "144472"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-747"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008618"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14491"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#973527",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14491",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "145652",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144474",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144477",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144469",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144481",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144482",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144706",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144472",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-747",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008618",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14491",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2017-10-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#973527",
            "ident": null
          },
          {
            "date": "2017-10-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14491",
            "ident": null
          },
          {
            "date": "2018-01-04T17:50:40",
            "db": "PACKETSTORM",
            "id": "145652",
            "ident": null
          },
          {
            "date": "2017-10-02T08:55:00",
            "db": "PACKETSTORM",
            "id": "144474",
            "ident": null
          },
          {
            "date": "2017-10-02T11:11:00",
            "db": "PACKETSTORM",
            "id": "144477",
            "ident": null
          },
          {
            "date": "2017-10-02T13:13:00",
            "db": "PACKETSTORM",
            "id": "144469",
            "ident": null
          },
          {
            "date": "2017-10-03T05:18:12",
            "db": "PACKETSTORM",
            "id": "144481",
            "ident": null
          },
          {
            "date": "2017-10-03T05:18:27",
            "db": "PACKETSTORM",
            "id": "144482",
            "ident": null
          },
          {
            "date": "2017-10-23T13:54:05",
            "db": "PACKETSTORM",
            "id": "144706",
            "ident": null
          },
          {
            "date": "2017-10-02T08:33:00",
            "db": "PACKETSTORM",
            "id": "144472",
            "ident": null
          },
          {
            "date": "2017-09-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-747",
            "ident": null
          },
          {
            "date": "2017-10-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008618",
            "ident": null
          },
          {
            "date": "2017-10-04T01:29:02.870000",
            "db": "NVD",
            "id": "CVE-2017-14491",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-02-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#973527",
            "ident": null
          },
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14491",
            "ident": null
          },
          {
            "date": "2022-04-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-747",
            "ident": null
          },
          {
            "date": "2024-03-22T07:54:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008618",
            "ident": null
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-14491",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-747"
          }
        ],
        "trust": 0.9
      },
      "title": {
        "_id": null,
        "data": "Dnsmasq contains multiple vulnerabilities",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-747"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0207

    Vulnerability from variot - Updated: 2026-04-10 23:24

    Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The GTK group key reloading vulnerability exists in the WPA2 wireless network. CVE-2017-13804: @qwertyoruiopz at KJC Research Intl. S.R.L. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

    Installation note:

    Firmware version 7.6.9 is installed on AirPort Express, AirPort Extreme, or AirPort Time Capsule base stations with 802.11n using AirPort Utility for Mac or iOS.

    AirPort Utility for Mac is a free download from https://support.apple.com/downloads/ and AirPort Utility for iOS is a free download from the App Store.

    Software Description: - linux-firmware: Firmware for Linux kernel drivers

    Details:

    Mathy Vanhoef discovered that the firmware for several Intel WLAN devices incorrectly handled WPA2 in relation to Wake on WLAN. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256


    Title: Microsoft Security Update Releases Issued: October 16, 2017


    Summary

    The following CVE has undergone a major revision increment.

    • CVE-2017-13080

    CVE Revision Information:

    CVE-2017-13080

    • Title: CVE-2017-13080 | Windows Wireless WPA Group Key Reinstallation Vulnerability
    • https://portal.msrc.microsoft.com/en-us/security-guidance
    • Reason for Revision: CVE-2017-13080 has been added to the October 2017 security release in lieu of ADV170016, which has been deprecated. CVE-2017-13080 was released as part of a multi-vendor coordinated disclosure. Please see the FAQ for more information.
    • Originally posted: October 16, 2017
    • Updated: N/A
    • CVE Severity Rating: Important
    • Version: 1.0

    Other Information

    Recognize and avoid fraudulent email to Microsoft customers:

    If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.

    The Microsoft Security Response Center (MSRC) uses PGP to digitally sign all security notifications. However, PGP is not required for reading security notifications, reading security bulletins, or installing security updates. You can obtain the MSRC public PGP key at .


    THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.


    Microsoft respects your privacy. Please read our online Privacy Statement at .

    If you would prefer not to receive future technical security notification alerts by email from Microsoft and its family of companies please visit the following website to unsubscribe: .

    These settings will not affect any newsletters youave requested or any mandatory service communications that are considered part of certain Microsoft services.

    For legal Information, see: .

    This newsletter was sent by: Microsoft Corporation 1 Microsoft Way Redmond, Washington, USA 98052

    -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.2.0 (Build 1950) - not licensed for commercial use: www.pgp.com Charset: utf-8

    wsFVAwUBWeTb2vsCXwi14Wq8AQimsw//UE92KMajVPARF4zMmfyQnbypCJhwOhsG n7uhJwIF8STYnUDQPfjDPGzmJSDIiQTg3PeewAzg+Ib3GZCsPdUQHMEl/DfGLFWy k814Bh158GDGvWIwDYkIgn1cRrdFP63gVg13ImvgCA2i8KOg9gy1LcnJ1tkIuHAJ bv22fe3zT9PgfLArRpm/nb3qMRnx/VRkTeS80y/RW2a2tkPSzyqLBRgZEP7t+RxJ M4G7cFRS0xpLrPE7PYn8f+tdjA04dWPO77eLOG+gDSpK5mFc8ccdjW2VoKJlRT0I i2HESEZipsuVDd4X3lkl5BigtxdKFTNDIFhE/m3pybDTbjClhjSHF+SR7T8yCOO8 fiXm1Nt0201321dhlNrtxGFV5+Q1lixO0+X7XDGCiZFTECs18vpGrDNZGQGqJ7Hj gmdSCNnfW7tashCXAIUtvoHTzK6v0hLh4ufelvdNgw8+qLUB6Z9RmrHzCHRm/i2p IuCtzp4GlPE0cBz3kUPmS0VYrYddEPS/n/vffeQpfAbbFENclTrEwTTxEYkP/vC0 qh2DNFCKnpvs8EUz/dtAdBuDaF3zuENMf/LJJf1EKOnp06b0JsRYDplKKgICgxrF kpFoAwAE14+KYcEUQhP6/jvDJXmWfMRk60Bsbs0qsfTAsFL7O9z0NrjI5xZEjF3j OYE0vOnWj3g= =2086 -----END PGP SIGNATURE----- . ========================================================================== Kernel Live Patch Security Notice LSN-0036-1 April 2, 2018

    linux vulnerability

    A security issue affects these releases of Ubuntu:

    | Series | Base kernel | Arch | flavors | |------------------+--------------+----------+------------------| | Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency |

    Summary:

    Several security issues were fixed in the kernel. (CVE-2017-13080)

    Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16995)

    Update instructions:

    The problem can be corrected by updating your livepatches to the following versions:

    | Kernel | Version | flavors | |-----------------+----------+--------------------------| | 4.4.0-116.140 | 33.2 | generic, lowlatency | | lts-4.4.0-116.140_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency |

    Additionally, you should install an updated kernel with these fixes and reboot at your convienience.

    References: CVE-2017-13080, CVE-2017-16995

    -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    APPLE-SA-2017-12-6-2 iOS 11.2

    iOS 11.2 addresses the following:

    IOKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues were addressed through improved state management. CVE-2017-13847: Ian Beer of Google Project Zero

    IOMobileFrameBuffer Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privilege Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-13879: Apple

    IOSurface Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-13861: Ian Beer of Google Project Zero

    Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-13862: Apple CVE-2017-13876: Ian Beer of Google Project Zero

    Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2017-13833: Brandon Azad

    Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A type confusion issue was addressed with improved memory handling. CVE-2017-13855: Jann Horn of Google Project Zero

    Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-13867: Ian Beer of Google Project Zero

    Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-13865: Ian Beer of Google Project Zero CVE-2017-13868: Brandon Azad CVE-2017-13869: Jann Horn of Google Project Zero

    Mail Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Incorrect certificate is used for encryption Description: A S/MIME issue existed in the handling of encrypted email. This issue was addressed through improved selection of the encryption certificate. CVE-2017-13874: an anonymous researcher

    Mail Drafts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker with a privileged network position may be able to intercept mail Description: An encryption issue existed with S/MIME credetials. The issue was addressed with additional checks and user control. CVE-2017-13860: Michael Weishaar of INNEO Solutions GmbH

    Wi-Fi Available for: iPhone 6s, iPhone 6s Plus, iPhone 6, iPhone 6 Plus, iPhone SE, iPhone 5s, 12.9-inch iPad Pro 1st generation, iPad Air 2, iPad Air, iPad 5th generation, iPad mini 4, iPad mini 3, iPad mini 2, and iPod touch 6th generation Released for iPhone 7 and later and iPad Pro 9.7-inch (early 2016) and later in iOS 11.1. This was addressed with improved state management. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

    Installation note:

    This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/

    iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.

    The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.

    To check that the iPhone, iPod touch, or iPad has been updated:

    • Navigate to Settings
    • Select General
    • Select About. The version after applying this update will be "11.2".

    Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222

    This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----

    iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlooN+gpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEYDcQ// Q65i3ww4QzpeKJFL+7HA/S7GjzL01/Gmw0CirxBIdFVuOlOm5w6PKfXl7U+UPcdf jJZoIF7Jc5A34FR0szXHsy17kDwaT2fLGTkDJkdNvw3Utw2/MmmBFuaS4SIs3y/+ rXeLWfvCpaJcOLGdhHzM8ubP/k5MLTFopWvUdNeb1lrxxd91xnqibe4TrSs2dVBj gwEIBVfIWeLNaaEscujIRHxv/7f2szzxORzrZx+kXY/ar5HQMKqdlx9yuMetkuXx mT7dUV0ZkKlD73gJBtsHOkyGVUJWThg/xkGpXv11pTt2P/Xo/rhrucK5lcBuiUeJ NBb9isZmzBOf1rmfR/7cTMr/guY29kqN24+XYFLOiHlvBl43QZv5Hj2JiSyP8jVr LKLtBMk/2JLdSH4sFH9kgJ2kB0NB5raiS9CxsNiNmhftvSt9iB19vybr7B04SVBw hCsTA4HrdHVgbp4PSs4kAR/kpmT4yj0ms6++RCDggqZsk4M1uzagokAukqp3ou/k 0qkbjw1uciRAHlED6NmzrZ/aRWS+ASJAkLLCRE07IHGQJt8g2UUMipnPhsM+jA6u GnBD6cJHaTIdvHPEii5XVdynrsBG7Zb1txZsVUoNaa2jV4JBNihVv0Q2xjDxC5CI vyQU45YrbuD1sgtMoBdJhCznxWnQLt3A4LsKRsDy/00= =/F1Z -----END PGP SIGNATURE-----

    .

    Alternatively, on your watch, select "My Watch > General > About".

    Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. This is the list of vulnerabilities that are addressed here: CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake. CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake. CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+

    Where to find the new packages: +-----------------------------+

    Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

    Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

    Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz

    Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz

    Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz

    Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz

    Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz

    MD5 signatures: +-------------+

    Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz

    Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz

    Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz

    Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz

    Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz

    Installation instructions: +------------------------+

    Upgrade the package as root:

    upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz

    +-----+

    Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

    +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE-----

    iEYEARECAAYFAlnnrOgACgkQakRjwEAQIjPgvQCfRcXlhuFjrDNPbEUeZrYLxnkW b+4An0l5cZOdtohI7Fq0NbryWajCOnM2 =5HQM -----END PGP SIGNATURE----- . CVE-2017-7156: an anonymous researcher CVE-2017-7157: an anonymous researcher CVE-2017-13856: Jeonghoon Shin CVE-2017-13870: an anonymous researcher CVE-2017-13866: an anonymous researcher Entry added December 13, 2017

    Wi-Fi Available for: Apple TV (4th generation) Released for Apple TV 4K in tvOS 11.1

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "_id": null,
            "model": "openstack cloud",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "6"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "12"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.7"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.8"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "linux enterprise point of sale",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "_id": null,
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "12"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "9front",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "adtran",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avm",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aerohive",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "alcatel lucent",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "android open source",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "arch linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aruba",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "barracuda",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "broadcom",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cambium",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "centos",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cradlepoint",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cypress semiconductor",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dell",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "digi",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "draytek",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "edimax computer",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "endian",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "espressif",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "extreme",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "f secure",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fedora",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hostap",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ipfire",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lancom",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lede",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lifx",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lenovo",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microchip",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mojo",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nest",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netbsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opnsense",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "omnirom",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "open mesh",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "peplink",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "riverbed",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rockwell automation",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "suse linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "samsung mobile",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sonos",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sony",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sophos",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "synology",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "tp link",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "texas instruments",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba commerce",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba electronic devices storage",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba memory",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "turris omnia",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "volumio",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "watchguard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xiaomi",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xirrus",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zebra",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dd wrt",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "eero",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pfsense",
            "version": null
          },
          {
            "_id": null,
            "model": "alliance wi-fi protected access 2",
            "scope": null,
            "trust": 0.6,
            "vendor": "wi fi",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux desktop",
            "version": "12"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux server",
            "version": "11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "14.04"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "16.04"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "17.04"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.2"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux desktop",
            "version": "7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.5"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.6"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.7.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.5"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.6"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.7.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux point of sale",
            "version": "11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "12"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "openstack cloud",
            "version": "6"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13080"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Apple",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "144860"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144828"
          },
          {
            "db": "PACKETSTORM",
            "id": "145430"
          },
          {
            "db": "PACKETSTORM",
            "id": "145271"
          },
          {
            "db": "PACKETSTORM",
            "id": "144829"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2017-13080",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "id": "CVE-2017-13080",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.1,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CNVD-2017-30403",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.6,
                "id": "CVE-2017-13080",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-13080",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-30403",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201710-383",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-13080",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13080"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13080"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The GTK group key reloading vulnerability exists in the WPA2 wireless network. \nCVE-2017-13804: @qwertyoruiopz at KJC Research Intl. S.R.L. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nInstallation note:\n\nFirmware version 7.6.9 is installed on AirPort Express, AirPort\nExtreme, or AirPort Time Capsule base stations with 802.11n using\nAirPort Utility for Mac or iOS. \n\nAirPort Utility for Mac is a free download from\nhttps://support.apple.com/downloads/ and AirPort Utility for iOS\nis a free download from the App Store. \n\nSoftware Description:\n- linux-firmware: Firmware for Linux kernel drivers\n\nDetails:\n\nMathy Vanhoef discovered that the firmware for several Intel WLAN\ndevices incorrectly handled WPA2 in relation to Wake on WLAN. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n********************************************************************\nTitle: Microsoft Security Update Releases\nIssued: October 16, 2017\n********************************************************************\n\nSummary\n=======\n\nThe following CVE has undergone a major revision increment. \n\n* CVE-2017-13080\n\n\nCVE Revision Information:\n=====================\n\nCVE-2017-13080\n\n - Title: CVE-2017-13080 | Windows Wireless WPA Group Key \n Reinstallation Vulnerability\n - https://portal.msrc.microsoft.com/en-us/security-guidance\n - Reason for Revision: CVE-2017-13080 has been added to the October \n 2017 security release in lieu of ADV170016, which has been \n deprecated. CVE-2017-13080 was released as part of a multi-vendor \n coordinated disclosure. Please see the FAQ for more information. \n - Originally posted: October 16, 2017\n - Updated: N/A \n - CVE Severity Rating: Important\n - Version: 1.0\n\n\nOther Information\n=================\n\nRecognize and avoid fraudulent email to Microsoft customers:\n=============================================================\nIf you receive an email message that claims to be distributing \na Microsoft security update, it is a hoax that may contain \nmalware or pointers to malicious websites. Microsoft does \nnot distribute security updates via email. \n\nThe Microsoft Security Response Center (MSRC) uses PGP to digitally \nsign all security notifications. However, PGP is not required for \nreading security notifications, reading security bulletins, or \ninstalling security updates. You can obtain the MSRC public PGP key\nat . \n\n********************************************************************\nTHE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS\nPROVIDED \"AS IS\" WITHOUT WARRANTY OF ANY KIND. MICROSOFT\nDISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING\nTHE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\nPURPOSE. \nIN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE\nLIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,\nINCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL\nDAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN\nADVISED OF THE POSSIBILITY OF SUCH DAMAGES. \nSOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY\nFOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING\nLIMITATION MAY NOT APPLY. \n********************************************************************\n\nMicrosoft respects your privacy. Please read our online Privacy\nStatement at . \n\nIf you would prefer not to receive future technical security\nnotification alerts by email from Microsoft and its family of\ncompanies please visit the following website to unsubscribe:\n. \n\nThese settings will not affect any newsletters youave requested or\nany mandatory service communications that are considered part of\ncertain Microsoft services. \n\nFor legal Information, see:\n. \n\nThis newsletter was sent by:\nMicrosoft Corporation\n1 Microsoft Way\nRedmond, Washington, USA\n98052\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 10.2.0 (Build 1950) - not licensed for commercial use: www.pgp.com\nCharset: utf-8\n\nwsFVAwUBWeTb2vsCXwi14Wq8AQimsw//UE92KMajVPARF4zMmfyQnbypCJhwOhsG\nn7uhJwIF8STYnUDQPfjDPGzmJSDIiQTg3PeewAzg+Ib3GZCsPdUQHMEl/DfGLFWy\nk814Bh158GDGvWIwDYkIgn1cRrdFP63gVg13ImvgCA2i8KOg9gy1LcnJ1tkIuHAJ\nbv22fe3zT9PgfLArRpm/nb3qMRnx/VRkTeS80y/RW2a2tkPSzyqLBRgZEP7t+RxJ\nM4G7cFRS0xpLrPE7PYn8f+tdjA04dWPO77eLOG+gDSpK5mFc8ccdjW2VoKJlRT0I\ni2HESEZipsuVDd4X3lkl5BigtxdKFTNDIFhE/m3pybDTbjClhjSHF+SR7T8yCOO8\nfiXm1Nt0201321dhlNrtxGFV5+Q1lixO0+X7XDGCiZFTECs18vpGrDNZGQGqJ7Hj\ngmdSCNnfW7tashCXAIUtvoHTzK6v0hLh4ufelvdNgw8+qLUB6Z9RmrHzCHRm/i2p\nIuCtzp4GlPE0cBz3kUPmS0VYrYddEPS/n/vffeQpfAbbFENclTrEwTTxEYkP/vC0\nqh2DNFCKnpvs8EUz/dtAdBuDaF3zuENMf/LJJf1EKOnp06b0JsRYDplKKgICgxrF\nkpFoAwAE14+KYcEUQhP6/jvDJXmWfMRk60Bsbs0qsfTAsFL7O9z0NrjI5xZEjF3j\nOYE0vOnWj3g=\n=2086\n-----END PGP SIGNATURE-----\n. ==========================================================================\nKernel Live Patch Security Notice LSN-0036-1\nApril 2, 2018\n\nlinux vulnerability\n==========================================================================\n\nA security issue affects these releases of Ubuntu:\n\n| Series           | Base kernel  | Arch     | flavors          |\n|------------------+--------------+----------+------------------|\n| Ubuntu 16.04 LTS | 4.4.0        | amd64    | generic          |\n| Ubuntu 16.04 LTS | 4.4.0        | amd64    | lowlatency       |\n| Ubuntu 14.04 LTS | 4.4.0        | amd64    | generic          |\n| Ubuntu 14.04 LTS | 4.4.0        | amd64    | lowlatency       |\n\nSummary:\n\nSeveral security issues were fixed in the kernel. (CVE-2017-13080)\n\nJann Horn discovered that the Berkeley Packet Filter (BPF) implementation\nin the Linux kernel improperly performed sign extension in some situations. \nA local attacker could use this to cause a denial of service (system crash)\nor possibly execute arbitrary code. (CVE-2017-16995)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your livepatches to the following\nversions:\n\n| Kernel          | Version  | flavors                  |\n|-----------------+----------+--------------------------|\n| 4.4.0-116.140   | 33.2     | generic, lowlatency      |\n| lts-4.4.0-116.140_14.04.1-lts-xenial | 14.04.1  | generic, lowlatency      |\n\nAdditionally, you should install an updated kernel with these fixes and\nreboot at your convienience. \n\nReferences:\n  CVE-2017-13080, CVE-2017-16995\n\n-- \nubuntu-security-announce mailing list\nubuntu-security-announce@lists.ubuntu.com\nModify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2017-12-6-2 iOS 11.2\n\niOS 11.2 addresses the following:\n\nIOKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: Multiple memory corruption issues were addressed through\nimproved state management. \nCVE-2017-13847: Ian Beer of Google Project Zero\n\nIOMobileFrameBuffer\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to execute arbitrary code with\nkernel privilege\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2017-13879: Apple\n\nIOSurface\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2017-13861: Ian Beer of Google Project Zero\n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2017-13862: Apple\nCVE-2017-13876: Ian Beer of Google Project Zero\n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to read restricted memory\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2017-13833: Brandon Azad\n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to read restricted memory\nDescription: A type confusion issue was addressed with improved\nmemory handling. \nCVE-2017-13855: Jann Horn of Google Project Zero\n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious application may be able to execute arbitrary\ncode with kernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2017-13867: Ian Beer of Google Project Zero\n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to read restricted memory\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2017-13865: Ian Beer of Google Project Zero\nCVE-2017-13868: Brandon Azad\nCVE-2017-13869: Jann Horn of Google Project Zero\n\nMail\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Incorrect certificate is used for encryption\nDescription: A S/MIME issue existed in the handling of encrypted\nemail. This issue was addressed through improved selection of the\nencryption certificate. \nCVE-2017-13874: an anonymous researcher\n\nMail Drafts\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An attacker with a privileged network position may be able to\nintercept mail\nDescription: An encryption issue existed with S/MIME credetials. The\nissue was addressed with additional checks and user control. \nCVE-2017-13860: Michael Weishaar of INNEO Solutions GmbH\n\nWi-Fi\nAvailable for: iPhone 6s, iPhone 6s Plus, iPhone 6, iPhone 6 Plus,\niPhone SE, iPhone 5s, 12.9-inch iPad Pro 1st generation, iPad Air 2,\niPad Air, iPad 5th generation, iPad mini 4, iPad mini 3, iPad mini 2,\nand iPod touch 6th generation\nReleased for iPhone 7 and later and iPad Pro 9.7-inch (early 2016)\nand later in iOS 11.1. This was addressed with improved state management. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom https://www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"11.2\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlooN+gpHHByb2R1Y3Qt\nc2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEYDcQ//\nQ65i3ww4QzpeKJFL+7HA/S7GjzL01/Gmw0CirxBIdFVuOlOm5w6PKfXl7U+UPcdf\njJZoIF7Jc5A34FR0szXHsy17kDwaT2fLGTkDJkdNvw3Utw2/MmmBFuaS4SIs3y/+\nrXeLWfvCpaJcOLGdhHzM8ubP/k5MLTFopWvUdNeb1lrxxd91xnqibe4TrSs2dVBj\ngwEIBVfIWeLNaaEscujIRHxv/7f2szzxORzrZx+kXY/ar5HQMKqdlx9yuMetkuXx\nmT7dUV0ZkKlD73gJBtsHOkyGVUJWThg/xkGpXv11pTt2P/Xo/rhrucK5lcBuiUeJ\nNBb9isZmzBOf1rmfR/7cTMr/guY29kqN24+XYFLOiHlvBl43QZv5Hj2JiSyP8jVr\nLKLtBMk/2JLdSH4sFH9kgJ2kB0NB5raiS9CxsNiNmhftvSt9iB19vybr7B04SVBw\nhCsTA4HrdHVgbp4PSs4kAR/kpmT4yj0ms6++RCDggqZsk4M1uzagokAukqp3ou/k\n0qkbjw1uciRAHlED6NmzrZ/aRWS+ASJAkLLCRE07IHGQJt8g2UUMipnPhsM+jA6u\nGnBD6cJHaTIdvHPEii5XVdynrsBG7Zb1txZsVUoNaa2jV4JBNihVv0Q2xjDxC5CI\nvyQU45YrbuD1sgtMoBdJhCznxWnQLt3A4LsKRsDy/00=\n=/F1Z\n-----END PGP SIGNATURE-----\n\n\n\n. \n\nAlternatively, on your watch, select \"My Watch \u003e General \u003e About\". \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz:  Upgraded. \n  This update includes patches to mitigate the WPA2 protocol issues known\n  as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n  hijack TCP connections, and to forge and inject packets. This is the\n  list of vulnerabilities that are addressed here:\n  CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the\n    4-way handshake. \n  CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way\n    handshake. \n  CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group\n    key handshake. \n  CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n    Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n    while processing it. \n  CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. \n  CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)\n    PeerKey (TPK) key in the TDLS handshake. \n  For more information, see:\n    https://www.krackattacks.com/\n    https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019  wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825  wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0  wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352  wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185  wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4  wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe  n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160  n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address.      |\n+------------------------------------------------------------------------+\n-----BEGIN PGP SIGNATURE-----\n\niEYEARECAAYFAlnnrOgACgkQakRjwEAQIjPgvQCfRcXlhuFjrDNPbEUeZrYLxnkW\nb+4An0l5cZOdtohI7Fq0NbryWajCOnM2\n=5HQM\n-----END PGP SIGNATURE-----\n. \nCVE-2017-7156: an anonymous researcher\nCVE-2017-7157: an anonymous researcher\nCVE-2017-13856: Jeonghoon Shin\nCVE-2017-13870: an anonymous researcher\nCVE-2017-13866: an anonymous researcher\nEntry added December 13, 2017\n\nWi-Fi\nAvailable for: Apple TV (4th generation)\nReleased for Apple TV 4K in tvOS 11.1",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13080"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          },
          {
            "db": "IVD",
            "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
          },
          {
            "db": "PACKETSTORM",
            "id": "144860"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144828"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13080"
          },
          {
            "db": "PACKETSTORM",
            "id": "144666"
          },
          {
            "db": "PACKETSTORM",
            "id": "145228"
          },
          {
            "db": "PACKETSTORM",
            "id": "144636"
          },
          {
            "db": "PACKETSTORM",
            "id": "147010"
          },
          {
            "db": "PACKETSTORM",
            "id": "145271"
          },
          {
            "db": "PACKETSTORM",
            "id": "144829"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "145430"
          }
        ],
        "trust": 3.51
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-13080",
            "trust": 3.7
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "trust": 3.1
          },
          {
            "db": "LENOVO",
            "id": "LEN-17420",
            "trust": 2.5
          },
          {
            "db": "BID",
            "id": "101274",
            "trust": 2.3
          },
          {
            "db": "SECTRACK",
            "id": "1039703",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039572",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039573",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039576",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039577",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039578",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039581",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039585",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-901333",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-003",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-005",
            "trust": 1.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383",
            "trust": 0.8
          },
          {
            "db": "JUNIPER",
            "id": "JSA10827",
            "trust": 0.8
          },
          {
            "db": "DLINK",
            "id": "SAP10075",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.3967",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.4125",
            "trust": 0.6
          },
          {
            "db": "LENOVO",
            "id": "LEN-45682",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "52CDA2A8-8175-413F-97BB-CF2E4C75F7C4",
            "trust": 0.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-18-114-01",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13080",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144860",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145394",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "148445",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144828",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145430",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144666",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145228",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144636",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "147010",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145271",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144829",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144663",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13080"
          },
          {
            "db": "PACKETSTORM",
            "id": "144860"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144828"
          },
          {
            "db": "PACKETSTORM",
            "id": "145430"
          },
          {
            "db": "PACKETSTORM",
            "id": "144666"
          },
          {
            "db": "PACKETSTORM",
            "id": "145228"
          },
          {
            "db": "PACKETSTORM",
            "id": "144636"
          },
          {
            "db": "PACKETSTORM",
            "id": "147010"
          },
          {
            "db": "PACKETSTORM",
            "id": "145271"
          },
          {
            "db": "PACKETSTORM",
            "id": "144829"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13080"
          }
        ]
      },
      "id": "VAR-201710-0207",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          }
        ],
        "trust": 1.6125
      },
      "iot_taxonomy": {
        "_id": null,
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          }
        ]
      },
      "last_update_date": "2026-04-10T23:24:45.096000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Patch for WPA2 Wireless Network GTK Group Key Reload Vulnerability (CNVD-2017-30403)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/103821"
          },
          {
            "title": "Multiple WiFi product WPA2 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75497"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172911 - Security Advisory"
          },
          {
            "title": "Ubuntu Security Notice: linux-firmware vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3505-1"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172907 - Security Advisory"
          },
          {
            "title": "Red Hat: CVE-2017-13080",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2017-13080"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-13080"
          },
          {
            "title": "Apple: Wi-Fi Update for Boot Camp 6.4.0",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=4dc3bb86865485e4364fd6b2dc2fc379"
          },
          {
            "title": "Apple: watchOS 4.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=345c3fa8a313cd9a1ced5ef372c465c4"
          },
          {
            "title": "Apple: AirPort Base Station Firmware Update 7.6.9",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=43d8dcf7961e20b6ec02761d12969c19"
          },
          {
            "title": "Apple: AirPort Base Station Firmware Update 7.7.9",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7ca8130f8030911575aa17c0e84114dd"
          },
          {
            "title": "Debian CVElist Bug Report Logs: firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=2e0affd9108e95fa2aa2c706c74cd8a9"
          },
          {
            "title": "Ubuntu Security Notice: wpa vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3455-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
          },
          {
            "title": "Apple: tvOS 11.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7a8e908aff7c02a31b2d335766e6d5c2"
          },
          {
            "title": "HP: HPSBHF03582 rev. 2 - KRACK Vulnerability Affecting WPA2 Wireless Security",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03582"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-23"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-22"
          },
          {
            "title": "HP: HPSBPI03574 rev. 1 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBPI03574"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
          },
          {
            "title": "Apple: iOS 11.2",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=75d972e5e0d4b4019a5bb869f1befb00"
          },
          {
            "title": "HP: HPSBHF03697 rev. 1 - Intel\u00ae PROSet/Wireless WiFi Software November 2020 Security Updates",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03697"
          },
          {
            "title": "Apple: tvOS 11.2",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=8d9ba2a4e31c3f4387eccea1c1dbc99c"
          },
          {
            "title": "Apple: watchOS 4.2",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=8658f9579768b2f61d8a0c0f1d03ed58"
          },
          {
            "title": "Apple: iOS 11.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7814c280e80969d4c4d88f74b13290f2"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
          },
          {
            "title": "Apple: macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=8e90004e437eabc9a0809772bb0707c4"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
          },
          {
            "title": "HP: HPSBHF03571 rev. 6  -  Intel Management Engine Cumulative Security update and fix for WPA2 vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03571"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
          },
          {
            "title": "Apple: macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=870f3f04ef17f7b183f74ae687a1561d"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
          },
          {
            "title": "vanhoefm-krackattacks-scripts",
            "trust": 0.1,
            "url": "https://github.com/84KaliPleXon3/vanhoefm-krackattacks-scripts "
          },
          {
            "title": "krankattack",
            "trust": 0.1,
            "url": "https://github.com/DevKosov/krankattack "
          },
          {
            "title": "krackattacks-scripts",
            "trust": 0.1,
            "url": "https://github.com/vanhoefm/krackattacks-scripts "
          },
          {
            "title": "KRACK",
            "trust": 0.1,
            "url": "https://github.com/chinatso/KRACK "
          },
          {
            "title": "krackinfo",
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo "
          },
          {
            "title": "nixos-issue-db-example",
            "trust": 0.1,
            "url": "https://github.com/andir/nixos-issue-db-example "
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13080"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-323",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-330",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13080"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.5,
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "trust": 3.3,
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "trust": 2.6,
            "url": "https://www.krackattacks.com/"
          },
          {
            "trust": 2.5,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "trust": 2.5,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
          },
          {
            "trust": 2.5,
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "trust": 2.5,
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
          },
          {
            "trust": 2.5,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "trust": 1.8,
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "trust": 1.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039585"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039572"
          },
          {
            "trust": 1.7,
            "url": "https://support.lenovo.com/us/en/product_security/len-17420"
          },
          {
            "trust": 1.7,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 1.7,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "trust": 1.7,
            "url": "http://www.ubuntu.com/usn/usn-3455-1"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039703"
          },
          {
            "trust": 1.7,
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208222"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208221"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208220"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208219"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208334"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208327"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208325"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "trust": 1.7,
            "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "trust": 1.7,
            "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03792en_us"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
          },
          {
            "trust": 1.7,
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
          },
          {
            "trust": 1.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
          },
          {
            "trust": 0.8,
            "url": "https://cwe.mitre.org/data/definitions/323.html"
          },
          {
            "trust": 0.8,
            "url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
          },
          {
            "trust": 0.8,
            "url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
          },
          {
            "trust": 0.8,
            "url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.al-enterprise.com/en/support/security-alert-krack"
          },
          {
            "trust": 0.8,
            "url": "https://support.apple.com/en-gb/ht208222"
          },
          {
            "trust": 0.8,
            "url": "https://security.archlinux.org/avg-447"
          },
          {
            "trust": 0.8,
            "url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
          },
          {
            "trust": 0.8,
            "url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
          },
          {
            "trust": 0.8,
            "url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
          },
          {
            "trust": 0.8,
            "url": "https://community.cypress.com/docs/doc-13871"
          },
          {
            "trust": 0.8,
            "url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
          },
          {
            "trust": 0.8,
            "url": "http://www.dell.com/support/article/sln307822"
          },
          {
            "trust": 0.8,
            "url": "https://github.com/espressif/esp8266_nonos_sdk"
          },
          {
            "trust": 0.8,
            "url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
          },
          {
            "trust": 0.8,
            "url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
          },
          {
            "trust": 0.8,
            "url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
          },
          {
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 0.8,
            "url": "https://bugs.gentoo.org/634440"
          },
          {
            "trust": 0.8,
            "url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
          },
          {
            "trust": 0.8,
            "url": "https://w1.fi/security/2017-1/"
          },
          {
            "trust": 0.8,
            "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
          },
          {
            "trust": 0.8,
            "url": "https://kb.juniper.net/jsa10827"
          },
          {
            "trust": 0.8,
            "url": "https://support.lenovo.com/ca/en/product_security/len-17420"
          },
          {
            "trust": 0.8,
            "url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
          },
          {
            "trust": 0.8,
            "url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
          },
          {
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
          },
          {
            "trust": 0.8,
            "url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
          },
          {
            "trust": 0.8,
            "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
          },
          {
            "trust": 0.8,
            "url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
          },
          {
            "trust": 0.8,
            "url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
          },
          {
            "trust": 0.8,
            "url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
          },
          {
            "trust": 0.8,
            "url": "https://community.sophos.com/kb/en-us/127658"
          },
          {
            "trust": 0.8,
            "url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
          },
          {
            "trust": 0.8,
            "url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
          },
          {
            "trust": 0.8,
            "url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
          },
          {
            "trust": 0.8,
            "url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
          },
          {
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "trust": 0.8,
            "url": "http://en.miui.com/thread-954223-1-1.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
          },
          {
            "trust": 0.8,
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
          },
          {
            "trust": 0.8,
            "url": "https://community.rsa.com/docs/doc-84103"
          },
          {
            "trust": 0.8,
            "url": "https://support.f5.com/csp/article/k23642330"
          },
          {
            "trust": 0.8,
            "url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
          },
          {
            "trust": 0.8,
            "url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
          },
          {
            "trust": 0.6,
            "url": "https://www.kb.cert.org/vuls/id/228519/"
          },
          {
            "trust": 0.6,
            "url": "https://www.apple.com/support/security/pgp/"
          },
          {
            "trust": 0.6,
            "url": "https://support.apple.com/kb/ht201222"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.3967/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
          },
          {
            "trust": 0.6,
            "url": "https://support.lenovo.com/us/en/product_security/len-45682"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13804"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13799"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13849"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13795"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13783"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13803"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13791"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13788"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13784"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13796"
          },
          {
            "trust": 0.2,
            "url": "https://www.apple.com/itunes/"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13792"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13785"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13798"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13802"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13793"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13794"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13865"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13868"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13876"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13862"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13869"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13833"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13861"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13867"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13855"
          },
          {
            "trust": 0.2,
            "url": "https://www.pgp.com"
          },
          {
            "trust": 0.2,
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/330.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/3505-1/"
          },
          {
            "trust": 0.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7113"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13844"
          },
          {
            "trust": 0.1,
            "url": "https://nmap.org/mailman/listinfo/fulldisclosure"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13805"
          },
          {
            "trust": 0.1,
            "url": "http://seclists.org/fulldisclosure/"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/downloads/"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/kb/ht208038"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13866"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7156"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13856"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13870"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7157"
          },
          {
            "trust": 0.1,
            "url": "http://www.microsoft.com/info/legalinfo/default.mspx\u003e."
          },
          {
            "trust": 0.1,
            "url": "http://go.microsoft.com/fwlink/?linkid=81184\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://support.microsoft.com/"
          },
          {
            "trust": 0.1,
            "url": "https://technet.microsoft.com/security/dn753714\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://profile.microsoft.com/regsysprofilecenter/subscriptionwizar"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.169.1"
          },
          {
            "trust": 0.1,
            "url": "https://www.ubuntu.com/usn/usn-3505-1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.164.2"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.157.14"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.127.24"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-16995"
          },
          {
            "trust": 0.1,
            "url": "https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13847"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13860"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13879"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13874"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/kb/ht204641"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/gpg-key"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://osuosl.org)"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13080"
          },
          {
            "db": "PACKETSTORM",
            "id": "144860"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144828"
          },
          {
            "db": "PACKETSTORM",
            "id": "145430"
          },
          {
            "db": "PACKETSTORM",
            "id": "144666"
          },
          {
            "db": "PACKETSTORM",
            "id": "145228"
          },
          {
            "db": "PACKETSTORM",
            "id": "144636"
          },
          {
            "db": "PACKETSTORM",
            "id": "147010"
          },
          {
            "db": "PACKETSTORM",
            "id": "145271"
          },
          {
            "db": "PACKETSTORM",
            "id": "144829"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13080"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "IVD",
            "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "ident": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30403",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13080",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144860",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "145394",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "148445",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144828",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "145430",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144666",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "145228",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144636",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "147010",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "145271",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144829",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144663",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13080",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2017-10-17T00:00:00",
            "db": "IVD",
            "id": "52cda2a8-8175-413f-97bb-cf2e4c75f7c4",
            "ident": null
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519",
            "ident": null
          },
          {
            "date": "2017-10-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30403",
            "ident": null
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13080",
            "ident": null
          },
          {
            "date": "2017-11-02T23:31:30",
            "db": "PACKETSTORM",
            "id": "144860",
            "ident": null
          },
          {
            "date": "2017-12-13T03:33:33",
            "db": "PACKETSTORM",
            "id": "145394",
            "ident": null
          },
          {
            "date": "2018-07-05T23:02:22",
            "db": "PACKETSTORM",
            "id": "148445",
            "ident": null
          },
          {
            "date": "2017-11-01T15:44:40",
            "db": "PACKETSTORM",
            "id": "144828",
            "ident": null
          },
          {
            "date": "2017-12-15T04:44:44",
            "db": "PACKETSTORM",
            "id": "145430",
            "ident": null
          },
          {
            "date": "2017-10-18T10:11:11",
            "db": "PACKETSTORM",
            "id": "144666",
            "ident": null
          },
          {
            "date": "2017-12-06T22:22:00",
            "db": "PACKETSTORM",
            "id": "145228",
            "ident": null
          },
          {
            "date": "2017-10-16T15:02:22",
            "db": "PACKETSTORM",
            "id": "144636",
            "ident": null
          },
          {
            "date": "2018-04-02T20:22:22",
            "db": "PACKETSTORM",
            "id": "147010",
            "ident": null
          },
          {
            "date": "2017-12-08T14:44:44",
            "db": "PACKETSTORM",
            "id": "145271",
            "ident": null
          },
          {
            "date": "2017-11-01T15:46:36",
            "db": "PACKETSTORM",
            "id": "144829",
            "ident": null
          },
          {
            "date": "2017-10-18T20:44:00",
            "db": "PACKETSTORM",
            "id": "144663",
            "ident": null
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-383",
            "ident": null
          },
          {
            "date": "2017-10-17T13:29:00.397000",
            "db": "NVD",
            "id": "CVE-2017-13080",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2017-11-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519",
            "ident": null
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30403",
            "ident": null
          },
          {
            "date": "2020-11-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13080",
            "ident": null
          },
          {
            "date": "2021-12-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-383",
            "ident": null
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-13080",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-383"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0206

    Vulnerability from variot - Updated: 2026-04-10 22:39

    Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a PTK-TK key reload vulnerability in the fourth handshake. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: wpa_supplicant security update Advisory ID: RHSA-2017:2907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2907 Issue date: 2017-10-17 CVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 =====================================================================

    1. Summary:

    An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64

    1. Description:

    The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1491692 - CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake 1491693 - CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake 1491696 - CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake 1491698 - CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it 1500302 - CVE-2017-13086 wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake 1500303 - CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame 1500304 - CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame

    1. Package List:

    Red Hat Enterprise Linux Client (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    aarch64: wpa_supplicant-2.6-5.el7_4.1.aarch64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm

    ppc64: wpa_supplicant-2.6-5.el7_4.1.ppc64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm

    ppc64le: wpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm

    s390x: wpa_supplicant-2.6-5.el7_4.1.s390x.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2017-13077 https://access.redhat.com/security/cve/CVE-2017-13078 https://access.redhat.com/security/cve/CVE-2017-13080 https://access.redhat.com/security/cve/CVE-2017-13082 https://access.redhat.com/security/cve/CVE-2017-13086 https://access.redhat.com/security/cve/CVE-2017-13087 https://access.redhat.com/security/cve/CVE-2017-13088 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kracks

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    APPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9

    AirPort Base Station Firmware Update 7.7.9 is now available and addresses the following:

    AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence

    AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks - KRACK) Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management. CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU Leuven CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

    AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks - KRACK) Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

    Installation note:

    Firmware version 7.7.9 is installed on AirPort Extreme or AirPort Time Capsule base stations with 802.11ac using AirPort Utility for Mac or iOS.

    AirPort Utility for Mac is a free download from https://support.apple.com/downloads/ and AirPort Utility for iOS is a free download from the App Store. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

    Installation note:

    Wi-Fi Update for Boot Camp 6.4.0 may be obtained from Apple Software Update for Windows. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).

    An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.

    For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.

    For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.

    For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.

    We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017

    wpa vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 17.04
    • Ubuntu 16.04 LTS
    • Ubuntu 14.04 LTS

    Summary:

    Several security issues were fixed in wpa_supplicant.

    Software Description: - wpa: client support for WPA and WPA2

    Details:

    Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1

    Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2

    Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5

    After a standard system update you need to reboot your computer to make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201711-03


                                           https://security.gentoo.org/
    

    Severity: Normal Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks Date: November 10, 2017 Bugs: #634436, #634438 ID: 201711-03


    Synopsis

    A flaw was discovered in the 4-way handshake in hostapd and wpa_supplicant that allows attackers to conduct a Man in the Middle attack.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-wireless/hostapd < 2.6-r1 >= 2.6-r1 2 net-wireless/wpa_supplicant < 2.6-r3 >= 2.6-r3 ------------------------------------------------------------------- 2 affected packages

    Description

    WiFi Protected Access (WPA and WPA2) and it's associated technologies are all vulnerable to the KRACK attacks. Please review the referenced CVE identifiers for details.

    Impact

    An attacker can carry out the KRACK attacks on a wireless network in order to gain access to network clients. Once achieved, the attacker can potentially harvest confidential information (e.g. HTTP/HTTPS), inject malware, or perform a myriad of other attacks.

    Workaround

    There is no known workaround at this time.

    Resolution

    All hostapd users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-wireless/hostapd-2.6-r1"

    All wpa_supplicant users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=net-wireless/wpa_supplicant-2.6-r3"

    References

    [ 1 ] CVE-2017-13077 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077 [ 2 ] CVE-2017-13078 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078 [ 3 ] CVE-2017-13079 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079 [ 4 ] CVE-2017-13080 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    ============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project

    Topic: WPA2 protocol vulnerability

    Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

    1. Revision history

    v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.

    I.

    hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.

    II. Problem Description

    A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.

    III. Impact

    Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.

    IV. Workaround

    An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"

    and restart networking.

    An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    hostapd_program="/usr/local/sbin/hostapd"

    and restart hostapd.

    V. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    2) To update your vulnerable system via a binary patch:

    Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:

    freebsd-update fetch

    freebsd-update install

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    3) To update your vulnerable system via a source code patch:

    The following patches have been verified to apply to the applicable FreeBSD release branches.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    [FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc

    gpg --verify wpa-11.patch.asc

    [FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc

    gpg --verify wpa-10.patch.asc

    b) Apply the patch. Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    c) Recompile the operating system using buildworld and installworld as described in .

    Restart the applicable daemons, or reboot the system.

    VI. Correction details

    The following list contains the correction revision numbers for each affected branch.

    Branch/path Revision


    stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741


    To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:

    svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

    Or visit the following URL, replacing NNNNNN with the revision number:

    VII. References

    The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE----- .

    Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+

    Where to find the new packages: +-----------------------------+

    Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

    Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

    Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz

    Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz

    Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz

    Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz

    Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz

    MD5 signatures: +-------------+

    Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz

    Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz

    Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz

    Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz

    Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz

    Installation instructions: +------------------------+

    Upgrade the package as root:

    upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz

    +-----+

    Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

    +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "linux enterprise point of sale",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "openstack cloud",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "6"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "12"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "12"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.7"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.8"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "_id": null,
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "9front",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "adtran",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avm",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aerohive",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "alcatel lucent",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "android open source",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "arch linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aruba",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "barracuda",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "broadcom",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cambium",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "centos",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cradlepoint",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cypress semiconductor",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dell",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "digi",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "draytek",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "edimax computer",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "endian",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "espressif",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "extreme",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "f secure",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fedora",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hostap",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ipfire",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lancom",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lede",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lifx",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lenovo",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microchip",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mojo",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nest",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netbsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opnsense",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "omnirom",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "open mesh",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "peplink",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "riverbed",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rockwell automation",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "suse linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "samsung mobile",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sonos",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sony",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sophos",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "synology",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "tp link",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "texas instruments",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba commerce",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba electronic devices storage",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba memory",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "turris omnia",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "volumio",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "watchguard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xiaomi",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xirrus",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zebra",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dd wrt",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "eero",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pfsense",
            "version": null
          },
          {
            "_id": null,
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "_id": null,
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise point of sale",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "_id": null,
            "model": "openstack cloud",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": "edge gateway",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": "sr-m20ac1",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "_id": null,
            "model": "sr-m20ac2",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "_id": null,
            "model": "alliance wi-fi protected access 2",
            "scope": null,
            "trust": 0.6,
            "vendor": "wi fi",
            "version": null
          },
          {
            "_id": null,
            "model": "alliance w1.f1 wpa supplicant",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "wi fi",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "scalance w-700",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux desktop",
            "version": "12"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux server",
            "version": "11"
          },
          {
            "_id": null,
            "model": "atom processor c3200 series for yocto project bsp mr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.2"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "pyxis supplystation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "sinamics smart access module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "v200"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.27.3264"
          },
          {
            "_id": null,
            "model": "meraki mr34",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ck71a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2.0"
          },
          {
            "_id": null,
            "model": "macbook air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18500"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "meraki mr26",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "28000"
          },
          {
            "_id": null,
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "_id": null,
            "model": "meraki mr84",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "510x0"
          },
          {
            "_id": null,
            "model": "windows server r2 for itanium-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "contact itc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "81130"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.0.0"
          },
          {
            "_id": null,
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "meraki mr18",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.3"
          },
          {
            "_id": null,
            "model": "scalance w1750d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "secure ii med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "_id": null,
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "210x0"
          },
          {
            "_id": null,
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "_id": null,
            "model": "aironet access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "wap371 wireless-ac n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2090"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "_id": null,
            "model": "contact rad-80211-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "contact fl wlan dap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.1"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.25"
          },
          {
            "_id": null,
            "model": "pyxis medstation es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wireless ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88210"
          },
          {
            "_id": null,
            "model": "pyxis stockstation system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "macbook",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.1"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.2"
          },
          {
            "_id": null,
            "model": "scalance wlc712",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "contact fl wlan spa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "meraki mr62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "simatic et200 pro im154-6 pn iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tropos broadband mesh routers and bridges",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "abb",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.2"
          },
          {
            "_id": null,
            "model": "meraki mr33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "_id": null,
            "model": "micros handheld terminal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.2"
          },
          {
            "_id": null,
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "_id": null,
            "model": "atom processor c3200 series for yocto project bsp mr4.1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.0"
          },
          {
            "_id": null,
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "110x0"
          },
          {
            "_id": null,
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "_id": null,
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.4"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "contact fl comserver wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "232/422/4850"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.8"
          },
          {
            "_id": null,
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7."
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1.91.3272"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.9"
          },
          {
            "_id": null,
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "230802-110"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "meraki mr14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18150"
          },
          {
            "_id": null,
            "model": "wireless client bridge 2.0.0.1-aruba501-b00",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "_id": null,
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.2"
          },
          {
            "_id": null,
            "model": "airport express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "meraki mr16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "clarity engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "meraki mr30h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows server r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.3"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "contact bl2 bpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "watch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "meraki mr32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ruggedcom rx1400",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "cn70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "_id": null,
            "model": "pyxis parx handheld",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.40.100"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "_id": null,
            "model": "windows rt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "meraki mr42",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.6"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.3"
          },
          {
            "_id": null,
            "model": "wap561 wireless-n dual radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.26.3000"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2016"
          },
          {
            "_id": null,
            "model": "contact rad-whg/wlan-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.3"
          },
          {
            "_id": null,
            "model": "wi-fi update for boot camp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.4.0"
          },
          {
            "_id": null,
            "model": "suremark printer 2nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "_id": null,
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "_id": null,
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.0.0"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.8"
          },
          {
            "_id": null,
            "model": "windows server for x64-based systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "pyxis supply roller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "telepresence collaboration endpoint",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2.61.3535"
          },
          {
            "_id": null,
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "70xx0"
          },
          {
            "_id": null,
            "model": "imac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "meraki mr72",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.25.3001"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.4"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "meraki mr53",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "wap551 wireless-n single radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.0.0"
          },
          {
            "_id": null,
            "model": "wap121 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.0.1000"
          },
          {
            "_id": null,
            "model": "wireless client bridge 1.0.1.3-hp501-b0012",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "_id": null,
            "model": "i.roc ci70-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.0.0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.2"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "cn70e-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.0.0.0"
          },
          {
            "_id": null,
            "model": "meraki mr24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "suremark printer 1nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "_id": null,
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "50xx0"
          },
          {
            "_id": null,
            "model": "meraki mr74",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "090"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.15"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.1"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.20"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.1"
          },
          {
            "_id": null,
            "model": "systems esp32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "_id": null,
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "_id": null,
            "model": "micros handheld terminal 2.03.0.0.021r",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "38000"
          },
          {
            "_id": null,
            "model": "pyxis parx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dx70",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1.9"
          },
          {
            "_id": null,
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2141"
          },
          {
            "_id": null,
            "model": "pyxis anesthesia es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aironet series officeextend access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18100"
          },
          {
            "_id": null,
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.1"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.55.3000"
          },
          {
            "_id": null,
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "meraki mr66",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.1"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2131"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18300"
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.0.50.1004"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.1.0"
          },
          {
            "_id": null,
            "model": "wap321 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "simatic iwlan-pb/link",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aironet 1810w series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "meraki mr52",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "_id": null,
            "model": "meraki mr12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "airmesh msr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.20"
          },
          {
            "_id": null,
            "model": "watchos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "contact fl wlan ec",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.8"
          },
          {
            "_id": null,
            "model": "systems esp8266",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "pad-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.0.1205"
          },
          {
            "_id": null,
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88610"
          },
          {
            "_id": null,
            "model": "clarity engine",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0.0.1"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15600"
          },
          {
            "_id": null,
            "model": "windows for 32-bit systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.5"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.2"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.8"
          },
          {
            "_id": null,
            "model": "windows for x64-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "_id": null,
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "meraki mr58",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.2"
          },
          {
            "_id": null,
            "model": "pyxis parassist system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows server for 32-bit systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "simatic mobile panel 277 iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "pyxis medstation t2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.3"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.1"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.0.0"
          },
          {
            "_id": null,
            "model": "wi-fi update for boot camp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "30xx0"
          },
          {
            "_id": null,
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "wireless client bridge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "5010"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.5"
          },
          {
            "_id": null,
            "model": "meraki mr11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.3"
          },
          {
            "_id": null,
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "35000"
          },
          {
            "_id": null,
            "model": "automation stratix 15.3 jc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rockwell",
            "version": "5100"
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "pyxis ciisafe workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "??0"
          },
          {
            "_id": null,
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.7"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.0.0"
          },
          {
            "_id": null,
            "model": "ipad air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "_id": null,
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1.71.3608"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.41.3024"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.1"
          },
          {
            "_id": null,
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "dx80",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "contact bl2 ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "contact tpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "60130"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1"
          },
          {
            "_id": null,
            "model": "ck70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.1"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.20"
          },
          {
            "_id": null,
            "model": "macbook pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10"
          },
          {
            "_id": null,
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.8"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.4"
          },
          {
            "_id": null,
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.2"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.3"
          },
          {
            "_id": null,
            "model": "tab-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "macmini",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.16"
          },
          {
            "_id": null,
            "model": "contact fl wlan epa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "airport time capsule",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "alliance wpa2 (wi-fi protected access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wi fi",
            "version": "2)0"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.9"
          },
          {
            "_id": null,
            "model": "scalance wlc711",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ruggedcom rs9xxw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.15"
          },
          {
            "_id": null,
            "model": "networks unifi access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubiquiti",
            "version": "0"
          },
          {
            "_id": null,
            "model": "suremark printer 2cr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "_id": null,
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88650"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.7"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "_id": null,
            "model": "asa 5506w-x w/ firepower services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.9"
          },
          {
            "_id": null,
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3005"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.0.0.0"
          },
          {
            "_id": null,
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2010"
          },
          {
            "_id": null,
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "14.04"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "16.04"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "17.04"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.2"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux desktop",
            "version": "7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.5"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.6"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.7.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.5"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.6"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.7.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux point of sale",
            "version": "11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "12"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "openstack cloud",
            "version": "6"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51ff9b4857be"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13077"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:canonical:ubuntu",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:debian:debian_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:freebsd:freebsd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:opensuse_project:leap",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:suse_linux_enterprise_point_of_sale",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:suse:openstack_cloud",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:hostapd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:wpa_supplicant",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:nec:nec_edge_gateway",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
        "sources": [
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2017-13077",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CVE-2017-13077",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CNVD-2017-30406",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "69402209-7265-4991-8217-51ff9b4857be",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.6,
                "id": "CVE-2017-13077",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-13077",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-13077",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-30406",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201710-380",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "69402209-7265-4991-8217-51ff9b4857be",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-13077",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51ff9b4857be"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13077"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13077"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a PTK-TK key reload vulnerability in the fourth handshake. WPA2  is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: wpa_supplicant security update\nAdvisory ID:       RHSA-2017:2907-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:2907\nIssue date:        2017-10-17\nCVE Names:         CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 \n                   CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 \n                   CVE-2017-13088 \n=====================================================================\n\n1. Summary:\n\nAn update for wpa_supplicant is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe wpa_supplicant packages contain an 802.1X Supplicant with support for\nWEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication\nmethods. They implement key negotiation with a WPA Authenticator for client\nstations and controls the roaming and IEEE 802.11 authentication and\nassociation of the WLAN driver. A remote attacker within Wi-Fi range\ncould exploit these attacks to decrypt Wi-Fi traffic or possibly inject\nforged Wi-Fi packets by manipulating cryptographic handshakes used by the\nWPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream\nacknowledges Mathy Vanhoef (University of Leuven) as the original reporter\nof these issues. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1491692 - CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake\n1491693 - CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake\n1491696 - CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake\n1491698 - CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it\n1500302 - CVE-2017-13086 wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake\n1500303 - CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame\n1500304 - CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\naarch64:\nwpa_supplicant-2.6-5.el7_4.1.aarch64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm\n\nppc64:\nwpa_supplicant-2.6-5.el7_4.1.ppc64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm\n\nppc64le:\nwpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm\n\ns390x:\nwpa_supplicant-2.6-5.el7_4.1.s390x.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-13077\nhttps://access.redhat.com/security/cve/CVE-2017-13078\nhttps://access.redhat.com/security/cve/CVE-2017-13080\nhttps://access.redhat.com/security/cve/CVE-2017-13082\nhttps://access.redhat.com/security/cve/CVE-2017-13086\nhttps://access.redhat.com/security/cve/CVE-2017-13087\nhttps://access.redhat.com/security/cve/CVE-2017-13088\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kracks\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9\n\nAirPort Base Station Firmware Update 7.7.9 is now available and\naddresses the following:\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker within range may be able to execute arbitrary\ncode on the Wi-Fi chip\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2017-9417: Nitay Artenstein of Exodus Intelligence\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker in Wi-Fi range may force nonce reuse in WPA\nunicast/PTK clients (Key Reinstallation Attacks - KRACK)\nDescription: A logic issue existed in the handling of state\ntransitions. This was addressed with improved state management. \nCVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\nCVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker in Wi-Fi range may force nonce reuse in WPA\nmulticast/GTK clients (Key Reinstallation Attacks - KRACK)\nDescription: A logic issue existed in the handling of state\ntransitions. This was addressed with improved state management. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nInstallation note:\n\nFirmware version 7.7.9 is installed on AirPort Extreme or\nAirPort Time Capsule base stations with 802.11ac using\nAirPort Utility for Mac or iOS. \n\nAirPort Utility for Mac is a free download from\nhttps://support.apple.com/downloads/ and AirPort Utility for iOS\nis a free download from the App Store. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at\nKU Leuven\n\nInstallation note:\n\nWi-Fi Update for Boot Camp 6.4.0 may be obtained from Apple Software\nUpdate for Windows. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n  hostapd                         2.4-0ubuntu9.1\n  wpasupplicant                   2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n  hostapd                         2.4-0ubuntu6.2\n  wpasupplicant                   2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n  hostapd                         2.1-0ubuntu1.5\n  wpasupplicant                   2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201711-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK)\n           attacks\n     Date: November 10, 2017\n     Bugs: #634436, #634438\n       ID: 201711-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA flaw was discovered in the 4-way handshake in hostapd and\nwpa_supplicant that allows attackers to conduct a Man in the Middle\nattack. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-wireless/hostapd         \u003c 2.6-r1                  \u003e= 2.6-r1 \n  2  net-wireless/wpa_supplicant\n                                  \u003c 2.6-r3                  \u003e= 2.6-r3 \n    -------------------------------------------------------------------\n     2 affected packages\n\nDescription\n===========\n\nWiFi Protected Access (WPA and WPA2) and it\u0027s associated technologies\nare all vulnerable to the KRACK attacks. Please review the referenced\nCVE identifiers for details. \n\nImpact\n======\n\nAn attacker can carry out the KRACK attacks on a wireless network in\norder to gain access to network clients. Once achieved, the attacker\ncan potentially harvest confidential information (e.g. HTTP/HTTPS),\ninject malware, or perform a myriad of other attacks. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll hostapd users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-wireless/hostapd-2.6-r1\"\n\nAll wpa_supplicant users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=net-wireless/wpa_supplicant-2.6-r3\"\n\nReferences\n==========\n\n[  1 ] CVE-2017-13077\n       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077\n[  2 ] CVE-2017-13078\n       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078\n[  3 ] CVE-2017-13079\n       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079\n[  4 ] CVE-2017-13080\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa                                        Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          WPA2 protocol vulnerability\n\nCategory:       contrib\nModule:         wpa\nAnnounced:      2017-10-16\nCredits:        Mathy Vanhoef\nAffects:        All supported versions of FreeBSD. \nCorrected:      2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n                2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n                2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n                2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n                2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n                2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name:       CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n                CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n                CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0.   Revision history\n\nv1.0  2017-10-17 Initial release. \nv1.1  2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII.  Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV.  Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch.  Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI.  Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path                                                      Revision\n- -------------------------------------------------------------------------\nstable/11/                                                        r324697\nreleng/11.0/                                                      r324698\nreleng/11.1/                                                      r324699\nstable/10/                                                        r324739\nreleng/10.3/                                                      r324740\nreleng/10.4/                                                      r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz:  Upgraded. \n  This update includes patches to mitigate the WPA2 protocol issues known\n  as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n  hijack TCP connections, and to forge and inject packets. \n  CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n    Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n    while processing it. \n  For more information, see:\n    https://www.krackattacks.com/\n    https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019  wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825  wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0  wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352  wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185  wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4  wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe  n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160  n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13077"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51ff9b4857be"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13077"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "145395"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          }
        ],
        "trust": 4.23
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-13077",
            "trust": 4.5
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "trust": 4.2
          },
          {
            "db": "BID",
            "id": "101274",
            "trust": 2.6
          },
          {
            "db": "LENOVO",
            "id": "LEN-17420",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1039577",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039576",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039581",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039578",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039585",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039573",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1041432",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-003",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-005",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-901333",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-18-114-01",
            "trust": 1.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-19-029-01",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-353-02",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-01",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-325-01",
            "trust": 1.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380",
            "trust": 0.8
          },
          {
            "db": "JUNIPER",
            "id": "JSA10827",
            "trust": 0.8
          },
          {
            "db": "DLINK",
            "id": "SAP10075",
            "trust": 0.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02A",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU94846424",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU90609033",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.4125",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-299-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51FF9B4857BE",
            "trust": 0.2
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13077",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144652",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145394",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145395",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "148445",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144630",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144632",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144944",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144669",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144663",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51ff9b4857be"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13077"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "145395"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13077"
          }
        ]
      },
      "id": "VAR-201710-0206",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51ff9b4857be"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          }
        ],
        "trust": 1.4306096569230768
      },
      "iot_taxonomy": {
        "_id": null,
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51ff9b4857be"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          }
        ]
      },
      "last_update_date": "2026-04-10T22:39:00.479000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "ARUBA-PSA-2017-007",
            "trust": 0.8,
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "title": "DSA-3999",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3999"
          },
          {
            "title": "FreeBSD-SA-17:07.wpa",
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "title": "LEN-17420",
            "trust": 0.8,
            "url": "https://support.lenovo.com/jp/en/product_security/len-17420"
          },
          {
            "title": "NV17-024",
            "trust": 0.8,
            "url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
          },
          {
            "title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "title": "RHSA-2017:2907",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/RHSA-2017:2907"
          },
          {
            "title": "RHSA-2017:2911",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/RHSA-2017:2911"
          },
          {
            "title": "USN-3455-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3455-1/"
          },
          {
            "title": "WPA packet number reuse with replayed messages and key reinstallation",
            "trust": 0.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
          },
          {
            "title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.iodata.jp/support/information/2017/wpa2/"
          },
          {
            "title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/info/20171110/"
          },
          {
            "title": "Patch for WPA2 Wireless Network PTK-TK Encryption Key Reload Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/103818"
          },
          {
            "title": "Multiple WiFi product WPA2 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75494"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172911 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172907 - Security Advisory"
          },
          {
            "title": "Red Hat: CVE-2017-13077",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2017-13077"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-13077"
          },
          {
            "title": "Apple: Wi-Fi Update for Boot Camp 6.4.0",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=4dc3bb86865485e4364fd6b2dc2fc379"
          },
          {
            "title": "Apple: AirPort Base Station Firmware Update 7.7.9",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7ca8130f8030911575aa17c0e84114dd"
          },
          {
            "title": "Apple: watchOS 4.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=345c3fa8a313cd9a1ced5ef372c465c4"
          },
          {
            "title": "Apple: AirPort Base Station Firmware Update 7.6.9",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=43d8dcf7961e20b6ec02761d12969c19"
          },
          {
            "title": "Debian CVElist Bug Report Logs: firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=2e0affd9108e95fa2aa2c706c74cd8a9"
          },
          {
            "title": "Ubuntu Security Notice: wpa vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3455-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
          },
          {
            "title": "Apple: tvOS 11.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7a8e908aff7c02a31b2d335766e6d5c2"
          },
          {
            "title": "Apple: iOS 11.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7814c280e80969d4c4d88f74b13290f2"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-23"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-22"
          },
          {
            "title": "HP: HPSBPI03574 rev. 1 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBPI03574"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014May 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=170d2de05a0349ffa4f579ee79da1e9d"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014July 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=25584b3d319ca9e7cb2fae9ec5dbf5e0"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014August 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=746dc14fcd3f5e139648cfdc9d9039a9"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014June 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=cc496c56e2bf669809bfb568f59af8e1"
          },
          {
            "title": "HP: HPSBHF03571 rev. 6  -  Intel Management Engine Cumulative Security update and fix for WPA2 vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03571"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
          },
          {
            "title": "Apple: macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=870f3f04ef17f7b183f74ae687a1561d"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=068d787c35ce8cea494780f9a47b5827"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
          },
          {
            "title": "vanhoefm-krackattacks-scripts",
            "trust": 0.1,
            "url": "https://github.com/84KaliPleXon3/vanhoefm-krackattacks-scripts "
          },
          {
            "title": "krankattack",
            "trust": 0.1,
            "url": "https://github.com/DevKosov/krankattack "
          },
          {
            "title": "krackattacks-scripts",
            "trust": 0.1,
            "url": "https://github.com/vanhoefm/krackattacks-scripts "
          },
          {
            "title": "KRACK",
            "trust": 0.1,
            "url": "https://github.com/chinatso/KRACK "
          },
          {
            "title": "krackinfo",
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo "
          },
          {
            "title": "nixos-issue-db-example",
            "trust": 0.1,
            "url": "https://github.com/andir/nixos-issue-db-example "
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/SamsungReleaseNotes "
          },
          {
            "title": "welivesecurity",
            "trust": 0.1,
            "url": "https://www.welivesecurity.com/2019/10/17/alexa-how-amazon-echo-kindle-got-kracked/"
          },
          {
            "title": "BleepingComputer",
            "trust": 0.1,
            "url": "https://www.bleepingcomputer.com/news/security/millions-of-amazon-echo-and-kindle-devices-affected-by-wifi-bug/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13077"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-330",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-254",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13077"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.7,
            "url": "https://www.krackattacks.com/"
          },
          {
            "trust": 3.3,
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "trust": 2.9,
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "trust": 2.8,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "trust": 2.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
          },
          {
            "trust": 2.6,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "trust": 2.5,
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "trust": 2.1,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "trust": 2.1,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "trust": 2.0,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "trust": 1.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-3455-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039585"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "trust": 1.7,
            "url": "https://support.lenovo.com/us/en/product_security/len-17420"
          },
          {
            "trust": 1.7,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 1.7,
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208222"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208221"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208220"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208219"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "trust": 1.7,
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "trust": 1.7,
            "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03792en_us"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
          },
          {
            "trust": 1.7,
            "url": "https://source.android.com/security/bulletin/2018-06-01"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1041432"
          },
          {
            "trust": 1.7,
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
          },
          {
            "trust": 1.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
          },
          {
            "trust": 1.2,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
          },
          {
            "trust": 1.1,
            "url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
          },
          {
            "trust": 1.1,
            "url": "https://w1.fi/security/2017-1/"
          },
          {
            "trust": 1.1,
            "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
          },
          {
            "trust": 1.1,
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
          },
          {
            "trust": 0.9,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
          },
          {
            "trust": 0.8,
            "url": "https://cwe.mitre.org/data/definitions/323.html"
          },
          {
            "trust": 0.8,
            "url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
          },
          {
            "trust": 0.8,
            "url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.al-enterprise.com/en/support/security-alert-krack"
          },
          {
            "trust": 0.8,
            "url": "https://support.apple.com/en-gb/ht208222"
          },
          {
            "trust": 0.8,
            "url": "https://security.archlinux.org/avg-447"
          },
          {
            "trust": 0.8,
            "url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
          },
          {
            "trust": 0.8,
            "url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
          },
          {
            "trust": 0.8,
            "url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
          },
          {
            "trust": 0.8,
            "url": "https://community.cypress.com/docs/doc-13871"
          },
          {
            "trust": 0.8,
            "url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
          },
          {
            "trust": 0.8,
            "url": "http://www.dell.com/support/article/sln307822"
          },
          {
            "trust": 0.8,
            "url": "https://github.com/espressif/esp8266_nonos_sdk"
          },
          {
            "trust": 0.8,
            "url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
          },
          {
            "trust": 0.8,
            "url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
          },
          {
            "trust": 0.8,
            "url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
          },
          {
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 0.8,
            "url": "https://bugs.gentoo.org/634440"
          },
          {
            "trust": 0.8,
            "url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
          },
          {
            "trust": 0.8,
            "url": "https://kb.juniper.net/jsa10827"
          },
          {
            "trust": 0.8,
            "url": "https://support.lenovo.com/ca/en/product_security/len-17420"
          },
          {
            "trust": 0.8,
            "url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
          },
          {
            "trust": 0.8,
            "url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
          },
          {
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
          },
          {
            "trust": 0.8,
            "url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
          },
          {
            "trust": 0.8,
            "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
          },
          {
            "trust": 0.8,
            "url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
          },
          {
            "trust": 0.8,
            "url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
          },
          {
            "trust": 0.8,
            "url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
          },
          {
            "trust": 0.8,
            "url": "https://community.sophos.com/kb/en-us/127658"
          },
          {
            "trust": 0.8,
            "url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
          },
          {
            "trust": 0.8,
            "url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
          },
          {
            "trust": 0.8,
            "url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
          },
          {
            "trust": 0.8,
            "url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
          },
          {
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "trust": 0.8,
            "url": "http://en.miui.com/thread-954223-1-1.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
          },
          {
            "trust": 0.8,
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
          },
          {
            "trust": 0.8,
            "url": "https://community.rsa.com/docs/doc-84103"
          },
          {
            "trust": 0.8,
            "url": "https://support.f5.com/csp/article/k23642330"
          },
          {
            "trust": 0.8,
            "url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
          },
          {
            "trust": 0.8,
            "url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
          },
          {
            "trust": 0.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
          },
          {
            "trust": 0.8,
            "url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/vu/jvnvu94846424/"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu90609033/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
          },
          {
            "trust": 0.6,
            "url": "https://www.kb.cert.org/vuls/id/228519/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13077"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13078"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13080"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13082"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13086"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13087"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13088"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
          },
          {
            "trust": 0.3,
            "url": "http://www.wi-fi.org/index.php"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-ie/ht208847"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208334"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208327"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208325"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13081"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13084"
          },
          {
            "trust": 0.3,
            "url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
          },
          {
            "trust": 0.2,
            "url": "https://support.apple.com/downloads/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/330.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-9417"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/kb/ht201222"
          },
          {
            "trust": 0.1,
            "url": "https://www.apple.com/support/security/pgp/"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/kb/ht208038"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13078"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13077"
          },
          {
            "trust": 0.1,
            "url": "https://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://www.krackattacks.com/\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
          },
          {
            "trust": 0.1,
            "url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/gpg-key"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://osuosl.org)"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13077"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "145395"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13077"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51ff9b4857be",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "ident": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30406",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13077",
            "ident": null
          },
          {
            "db": "BID",
            "id": "101274",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144652",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "145394",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "145395",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "148445",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144630",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144632",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144944",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144669",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144663",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008412",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13077",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2017-10-17T00:00:00",
            "db": "IVD",
            "id": "69402209-7265-4991-8217-51ff9b4857be",
            "ident": null
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519",
            "ident": null
          },
          {
            "date": "2017-10-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30406",
            "ident": null
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13077",
            "ident": null
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "BID",
            "id": "101274",
            "ident": null
          },
          {
            "date": "2017-10-17T16:52:00",
            "db": "PACKETSTORM",
            "id": "144652",
            "ident": null
          },
          {
            "date": "2017-12-13T03:33:33",
            "db": "PACKETSTORM",
            "id": "145394",
            "ident": null
          },
          {
            "date": "2017-12-13T04:44:44",
            "db": "PACKETSTORM",
            "id": "145395",
            "ident": null
          },
          {
            "date": "2018-07-05T23:02:22",
            "db": "PACKETSTORM",
            "id": "148445",
            "ident": null
          },
          {
            "date": "2017-10-16T13:49:34",
            "db": "PACKETSTORM",
            "id": "144630",
            "ident": null
          },
          {
            "date": "2017-10-16T23:23:00",
            "db": "PACKETSTORM",
            "id": "144632",
            "ident": null
          },
          {
            "date": "2017-11-10T19:19:00",
            "db": "PACKETSTORM",
            "id": "144944",
            "ident": null
          },
          {
            "date": "2017-10-19T14:28:55",
            "db": "PACKETSTORM",
            "id": "144669",
            "ident": null
          },
          {
            "date": "2017-10-18T20:44:00",
            "db": "PACKETSTORM",
            "id": "144663",
            "ident": null
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-380",
            "ident": null
          },
          {
            "date": "2017-10-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008412",
            "ident": null
          },
          {
            "date": "2017-10-17T02:29:00.207000",
            "db": "NVD",
            "id": "CVE-2017-13077",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2017-11-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519",
            "ident": null
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30406",
            "ident": null
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13077",
            "ident": null
          },
          {
            "date": "2019-02-21T09:00:00",
            "db": "BID",
            "id": "101274",
            "ident": null
          },
          {
            "date": "2020-11-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-380",
            "ident": null
          },
          {
            "date": "2019-02-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008412",
            "ident": null
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-13077",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-380"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0974

    Vulnerability from variot - Updated: 2026-04-10 21:53

    Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). A group key reload vulnerability exists in WPA2 wireless network sleep mode. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: wpa_supplicant security update Advisory ID: RHSA-2017:2907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2907 Issue date: 2017-10-17 CVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 =====================================================================

    1. Summary:

    An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64

    1. Description:

    The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Package List:

    Red Hat Enterprise Linux Client (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    aarch64: wpa_supplicant-2.6-5.el7_4.1.aarch64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm

    ppc64: wpa_supplicant-2.6-5.el7_4.1.ppc64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm

    ppc64le: wpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm

    s390x: wpa_supplicant-2.6-5.el7_4.1.s390x.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2017-13077 https://access.redhat.com/security/cve/CVE-2017-13078 https://access.redhat.com/security/cve/CVE-2017-13080 https://access.redhat.com/security/cve/CVE-2017-13082 https://access.redhat.com/security/cve/CVE-2017-13086 https://access.redhat.com/security/cve/CVE-2017-13087 https://access.redhat.com/security/cve/CVE-2017-13088 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kracks

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).

    An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.

    For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.

    For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.

    For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.

    We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017

    wpa vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 17.04
    • Ubuntu 16.04 LTS
    • Ubuntu 14.04 LTS

    Summary:

    Several security issues were fixed in wpa_supplicant.

    Software Description: - wpa: client support for WPA and WPA2

    Details:

    Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1

    Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2

    Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5

    After a standard system update you need to reboot your computer to make all the necessary changes. 6) - i386, x86_64

    Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+

    Where to find the new packages: +-----------------------------+

    Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

    Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

    Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz

    Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz

    Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz

    Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz

    Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz

    MD5 signatures: +-------------+

    Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz

    Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz

    Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz

    Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz

    Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz

    Installation instructions: +------------------------+

    Upgrade the package as root:

    upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz

    +-----+

    Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

    +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    ============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project

    Topic: WPA2 protocol vulnerability

    Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

    1. Revision history

    v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.

    I.

    hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.

    II. Problem Description

    A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.

    III. Impact

    Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.

    IV. Workaround

    An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"

    and restart networking.

    An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    hostapd_program="/usr/local/sbin/hostapd"

    and restart hostapd.

    V. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    2) To update your vulnerable system via a binary patch:

    Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:

    freebsd-update fetch

    freebsd-update install

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    3) To update your vulnerable system via a source code patch:

    The following patches have been verified to apply to the applicable FreeBSD release branches.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    [FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc

    gpg --verify wpa-11.patch.asc

    [FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc

    gpg --verify wpa-10.patch.asc

    b) Apply the patch. Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    c) Recompile the operating system using buildworld and installworld as described in .

    Restart the applicable daemons, or reboot the system.

    VI. Correction details

    The following list contains the correction revision numbers for each affected branch.

    Branch/path Revision


    stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741


    To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:

    svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

    Or visit the following URL, replacing NNNNNN with the revision number:

    VII. References

    The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE-----

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "linux enterprise point of sale",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "openstack cloud",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "6"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "12"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "12"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.7"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.8"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "_id": null,
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "9front",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "adtran",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avm",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aerohive",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "alcatel lucent",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "android open source",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "arch linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aruba",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "barracuda",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "broadcom",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cambium",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "centos",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cradlepoint",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cypress semiconductor",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dell",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "digi",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "draytek",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "edimax computer",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "endian",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "espressif",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "extreme",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "f secure",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fedora",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hostap",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ipfire",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lancom",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lede",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lifx",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lenovo",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microchip",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mojo",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nest",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netbsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opnsense",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "omnirom",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "open mesh",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "peplink",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "riverbed",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rockwell automation",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "suse linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "samsung mobile",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sonos",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sony",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sophos",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "synology",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "tp link",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "texas instruments",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba commerce",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba electronic devices storage",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba memory",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "turris omnia",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "volumio",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "watchguard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xiaomi",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xirrus",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zebra",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dd wrt",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "eero",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pfsense",
            "version": null
          },
          {
            "_id": null,
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "_id": null,
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise point of sale",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "_id": null,
            "model": "openstack cloud",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": "edge gateway",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": "sr-m20ac1",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "_id": null,
            "model": "sr-m20ac2",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "_id": null,
            "model": "alliance wi-fi protected access 2",
            "scope": null,
            "trust": 0.6,
            "vendor": "wi fi",
            "version": null
          },
          {
            "_id": null,
            "model": "scalance w-700",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux desktop",
            "version": "12"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux server",
            "version": "11"
          },
          {
            "_id": null,
            "model": "atom processor c3200 series for yocto project bsp mr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.2"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "pyxis supplystation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "sinamics smart access module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "v200"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.27.3264"
          },
          {
            "_id": null,
            "model": "meraki mr34",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ck71a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2.0"
          },
          {
            "_id": null,
            "model": "macbook air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18500"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "meraki mr26",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "28000"
          },
          {
            "_id": null,
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "_id": null,
            "model": "meraki mr84",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "510x0"
          },
          {
            "_id": null,
            "model": "windows server r2 for itanium-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "contact itc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "81130"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.0.0"
          },
          {
            "_id": null,
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "meraki mr18",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.3"
          },
          {
            "_id": null,
            "model": "scalance w1750d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "secure ii med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "_id": null,
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "210x0"
          },
          {
            "_id": null,
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "_id": null,
            "model": "aironet access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "wap371 wireless-ac n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2090"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "_id": null,
            "model": "contact rad-80211-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "contact fl wlan dap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.1"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.25"
          },
          {
            "_id": null,
            "model": "pyxis medstation es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wireless ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88210"
          },
          {
            "_id": null,
            "model": "pyxis stockstation system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "macbook",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.1"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.2"
          },
          {
            "_id": null,
            "model": "scalance wlc712",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "contact fl wlan spa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "meraki mr62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "simatic et200 pro im154-6 pn iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tropos broadband mesh routers and bridges",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "abb",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.2"
          },
          {
            "_id": null,
            "model": "meraki mr33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "_id": null,
            "model": "micros handheld terminal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.2"
          },
          {
            "_id": null,
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "_id": null,
            "model": "atom processor c3200 series for yocto project bsp mr4.1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.0"
          },
          {
            "_id": null,
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "110x0"
          },
          {
            "_id": null,
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "_id": null,
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.4"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "contact fl comserver wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "232/422/4850"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.8"
          },
          {
            "_id": null,
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7."
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1.91.3272"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.9"
          },
          {
            "_id": null,
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "230802-110"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "meraki mr14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18150"
          },
          {
            "_id": null,
            "model": "wireless client bridge 2.0.0.1-aruba501-b00",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "_id": null,
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.2"
          },
          {
            "_id": null,
            "model": "airport express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "meraki mr16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "clarity engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "meraki mr30h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows server r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.3"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "contact bl2 bpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "watch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "meraki mr32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ruggedcom rx1400",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "cn70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "_id": null,
            "model": "pyxis parx handheld",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.40.100"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "_id": null,
            "model": "windows rt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "meraki mr42",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.6"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.3"
          },
          {
            "_id": null,
            "model": "wap561 wireless-n dual radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.26.3000"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2016"
          },
          {
            "_id": null,
            "model": "contact rad-whg/wlan-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.3"
          },
          {
            "_id": null,
            "model": "wi-fi update for boot camp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.4.0"
          },
          {
            "_id": null,
            "model": "suremark printer 2nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "_id": null,
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "_id": null,
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.0.0"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.8"
          },
          {
            "_id": null,
            "model": "windows server for x64-based systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "pyxis supply roller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "telepresence collaboration endpoint",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2.61.3535"
          },
          {
            "_id": null,
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "70xx0"
          },
          {
            "_id": null,
            "model": "imac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "meraki mr72",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.25.3001"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.4"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "meraki mr53",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "wap551 wireless-n single radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.0.0"
          },
          {
            "_id": null,
            "model": "wap121 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.0.1000"
          },
          {
            "_id": null,
            "model": "wireless client bridge 1.0.1.3-hp501-b0012",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "_id": null,
            "model": "i.roc ci70-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.0.0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.2"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "cn70e-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.0.0.0"
          },
          {
            "_id": null,
            "model": "meraki mr24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "suremark printer 1nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "_id": null,
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "50xx0"
          },
          {
            "_id": null,
            "model": "meraki mr74",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "090"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.15"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.1"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.20"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.1"
          },
          {
            "_id": null,
            "model": "systems esp32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "_id": null,
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "_id": null,
            "model": "micros handheld terminal 2.03.0.0.021r",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "38000"
          },
          {
            "_id": null,
            "model": "pyxis parx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dx70",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1.9"
          },
          {
            "_id": null,
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2141"
          },
          {
            "_id": null,
            "model": "pyxis anesthesia es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aironet series officeextend access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18100"
          },
          {
            "_id": null,
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.1"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.55.3000"
          },
          {
            "_id": null,
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "meraki mr66",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.1"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2131"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18300"
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.0.50.1004"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.1.0"
          },
          {
            "_id": null,
            "model": "wap321 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "simatic iwlan-pb/link",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aironet 1810w series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "meraki mr52",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "_id": null,
            "model": "meraki mr12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "airmesh msr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.20"
          },
          {
            "_id": null,
            "model": "watchos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "contact fl wlan ec",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.8"
          },
          {
            "_id": null,
            "model": "systems esp8266",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "pad-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.0.1205"
          },
          {
            "_id": null,
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88610"
          },
          {
            "_id": null,
            "model": "clarity engine",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0.0.1"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15600"
          },
          {
            "_id": null,
            "model": "windows for 32-bit systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.5"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.2"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.8"
          },
          {
            "_id": null,
            "model": "windows for x64-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "_id": null,
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "meraki mr58",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.2"
          },
          {
            "_id": null,
            "model": "pyxis parassist system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows server for 32-bit systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "simatic mobile panel 277 iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "pyxis medstation t2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.3"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.1"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.0.0"
          },
          {
            "_id": null,
            "model": "wi-fi update for boot camp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "30xx0"
          },
          {
            "_id": null,
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "wireless client bridge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "5010"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.5"
          },
          {
            "_id": null,
            "model": "meraki mr11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.3"
          },
          {
            "_id": null,
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "35000"
          },
          {
            "_id": null,
            "model": "automation stratix 15.3 jc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rockwell",
            "version": "5100"
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "pyxis ciisafe workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "??0"
          },
          {
            "_id": null,
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.7"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.0.0"
          },
          {
            "_id": null,
            "model": "ipad air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "_id": null,
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1.71.3608"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.41.3024"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.1"
          },
          {
            "_id": null,
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "dx80",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "contact bl2 ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "contact tpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "60130"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1"
          },
          {
            "_id": null,
            "model": "ck70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.1"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.20"
          },
          {
            "_id": null,
            "model": "macbook pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10"
          },
          {
            "_id": null,
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.8"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.4"
          },
          {
            "_id": null,
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.2"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.3"
          },
          {
            "_id": null,
            "model": "tab-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "macmini",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.16"
          },
          {
            "_id": null,
            "model": "contact fl wlan epa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "airport time capsule",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "alliance wpa2 (wi-fi protected access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wi fi",
            "version": "2)0"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.9"
          },
          {
            "_id": null,
            "model": "scalance wlc711",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ruggedcom rs9xxw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.15"
          },
          {
            "_id": null,
            "model": "networks unifi access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubiquiti",
            "version": "0"
          },
          {
            "_id": null,
            "model": "suremark printer 2cr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "_id": null,
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88650"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.7"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "_id": null,
            "model": "asa 5506w-x w/ firepower services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.9"
          },
          {
            "_id": null,
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3005"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.0.0.0"
          },
          {
            "_id": null,
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2010"
          },
          {
            "_id": null,
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "14.04"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "16.04"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "17.04"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.2"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux desktop",
            "version": "7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.5"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.6"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.7.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.5"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.6"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.7.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux point of sale",
            "version": "11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "12"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "openstack cloud",
            "version": "6"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13087"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:canonical:ubuntu",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:debian:debian_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:freebsd:freebsd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:opensuse_project:leap",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:suse_linux_enterprise_point_of_sale",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:suse:openstack_cloud",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:hostapd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:wpa_supplicant",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:nec:nec_edge_gateway",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
        "sources": [
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2017-13087",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "id": "CVE-2017-13087",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.9,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CNVD-2017-30398",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.6,
                "id": "CVE-2017-13087",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-13087",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-13087",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-30398",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201710-388",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-13087",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13087"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13087"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). A group key reload vulnerability exists in WPA2 wireless network sleep mode. WPA2  is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: wpa_supplicant security update\nAdvisory ID:       RHSA-2017:2907-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:2907\nIssue date:        2017-10-17\nCVE Names:         CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 \n                   CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 \n                   CVE-2017-13088 \n=====================================================================\n\n1. Summary:\n\nAn update for wpa_supplicant is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe wpa_supplicant packages contain an 802.1X Supplicant with support for\nWEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication\nmethods. They implement key negotiation with a WPA Authenticator for client\nstations and controls the roaming and IEEE 802.11 authentication and\nassociation of the WLAN driver. A remote attacker within Wi-Fi range\ncould exploit these attacks to decrypt Wi-Fi traffic or possibly inject\nforged Wi-Fi packets by manipulating cryptographic handshakes used by the\nWPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream\nacknowledges Mathy Vanhoef (University of Leuven) as the original reporter\nof these issues. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\naarch64:\nwpa_supplicant-2.6-5.el7_4.1.aarch64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm\n\nppc64:\nwpa_supplicant-2.6-5.el7_4.1.ppc64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm\n\nppc64le:\nwpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm\n\ns390x:\nwpa_supplicant-2.6-5.el7_4.1.s390x.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-13077\nhttps://access.redhat.com/security/cve/CVE-2017-13078\nhttps://access.redhat.com/security/cve/CVE-2017-13080\nhttps://access.redhat.com/security/cve/CVE-2017-13082\nhttps://access.redhat.com/security/cve/CVE-2017-13086\nhttps://access.redhat.com/security/cve/CVE-2017-13087\nhttps://access.redhat.com/security/cve/CVE-2017-13088\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kracks\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n  hostapd                         2.4-0ubuntu9.1\n  wpasupplicant                   2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n  hostapd                         2.4-0ubuntu6.2\n  wpasupplicant                   2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n  hostapd                         2.1-0ubuntu1.5\n  wpasupplicant                   2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. 6) - i386, x86_64\n\n3. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz:  Upgraded. \n  This update includes patches to mitigate the WPA2 protocol issues known\n  as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n  hijack TCP connections, and to forge and inject packets. \n  CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n    Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n    while processing it. \n  For more information, see:\n    https://www.krackattacks.com/\n    https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019  wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825  wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0  wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352  wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185  wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4  wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe  n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160  n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa                                        Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          WPA2 protocol vulnerability\n\nCategory:       contrib\nModule:         wpa\nAnnounced:      2017-10-16\nCredits:        Mathy Vanhoef\nAffects:        All supported versions of FreeBSD. \nCorrected:      2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n                2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n                2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n                2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n                2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n                2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name:       CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n                CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n                CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0.   Revision history\n\nv1.0  2017-10-17 Initial release. \nv1.1  2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII.  Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV.  Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch.  Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI.  Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path                                                      Revision\n- -------------------------------------------------------------------------\nstable/11/                                                        r324697\nreleng/11.0/                                                      r324698\nreleng/11.1/                                                      r324699\nstable/10/                                                        r324739\nreleng/10.3/                                                      r324740\nreleng/10.4/                                                      r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13087"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "IVD",
            "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13087"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          }
        ],
        "trust": 3.96
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-13087",
            "trust": 4.2
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "trust": 4.2
          },
          {
            "db": "BID",
            "id": "101274",
            "trust": 2.6
          },
          {
            "db": "LENOVO",
            "id": "LEN-17420",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1039577",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039576",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039581",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039578",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039573",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-901333",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-005",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-18-114-01",
            "trust": 1.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-19-029-01",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-353-02",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-01",
            "trust": 1.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388",
            "trust": 0.8
          },
          {
            "db": "JUNIPER",
            "id": "JSA10827",
            "trust": 0.8
          },
          {
            "db": "DLINK",
            "id": "SAP10075",
            "trust": 0.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02A",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU90609033",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.4125",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-299-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-325-01",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "AA0BE958-12F8-4C92-BA4F-8046A72E7FE0",
            "trust": 0.2
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13087",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144652",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144630",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144632",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144659",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144663",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144669",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13087"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13087"
          }
        ]
      },
      "id": "VAR-201710-0974",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          }
        ],
        "trust": 1.3998271283333334
      },
      "iot_taxonomy": {
        "_id": null,
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          }
        ]
      },
      "last_update_date": "2026-04-10T21:53:19.111000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "ARUBA-PSA-2017-007",
            "trust": 0.8,
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "title": "DSA-3999",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3999"
          },
          {
            "title": "FreeBSD-SA-17:07.wpa",
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "title": "LEN-17420",
            "trust": 0.8,
            "url": "https://support.lenovo.com/jp/en/product_security/len-17420"
          },
          {
            "title": "NV17-024",
            "trust": 0.8,
            "url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
          },
          {
            "title": "openSUSE-SU-2017:2755",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "title": "SUSE-SU-2017:2745",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "title": "SUSE-SU-2017:2752",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "title": "RHSA-2017:2907",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/RHSA-2017:2907"
          },
          {
            "title": "RHSA-2017:2911",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/RHSA-2017:2911"
          },
          {
            "title": "USN-3455-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3455-1/"
          },
          {
            "title": "WPA packet number reuse with replayed messages and key reinstallation",
            "trust": 0.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066  ",
            "trust": 0.8,
            "url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
          },
          {
            "title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.iodata.jp/support/information/2017/wpa2/"
          },
          {
            "title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b ",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/info/20171110/"
          },
          {
            "title": "Patch for WPA2 Wireless Network Sleep Mode Group Key Reload Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/103826"
          },
          {
            "title": "Multiple WiFi product WPA2 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75502"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172911 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172907 - Security Advisory"
          },
          {
            "title": "Red Hat: CVE-2017-13087",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2017-13087"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-13087"
          },
          {
            "title": "Ubuntu Security Notice: wpa vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3455-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-23"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-22"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
          },
          {
            "title": "KRACK",
            "trust": 0.1,
            "url": "https://github.com/chinatso/KRACK "
          },
          {
            "title": "krackinfo",
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo "
          },
          {
            "title": "nixos-issue-db-example",
            "trust": 0.1,
            "url": "https://github.com/andir/nixos-issue-db-example "
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13087"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-330",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-254",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13087"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.7,
            "url": "https://www.krackattacks.com/"
          },
          {
            "trust": 3.3,
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "trust": 2.9,
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "trust": 2.8,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "trust": 2.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
          },
          {
            "trust": 2.7,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "trust": 2.5,
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "trust": 2.2,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "trust": 2.1,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "trust": 1.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-3455-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "trust": 1.7,
            "url": "https://support.lenovo.com/us/en/product_security/len-17420"
          },
          {
            "trust": 1.7,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "trust": 1.7,
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
          },
          {
            "trust": 1.2,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
          },
          {
            "trust": 1.1,
            "url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
          },
          {
            "trust": 1.1,
            "url": "https://w1.fi/security/2017-1/"
          },
          {
            "trust": 1.1,
            "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
          },
          {
            "trust": 1.1,
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
          },
          {
            "trust": 0.8,
            "url": "https://cwe.mitre.org/data/definitions/323.html"
          },
          {
            "trust": 0.8,
            "url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
          },
          {
            "trust": 0.8,
            "url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.al-enterprise.com/en/support/security-alert-krack"
          },
          {
            "trust": 0.8,
            "url": "https://support.apple.com/en-gb/ht208222"
          },
          {
            "trust": 0.8,
            "url": "https://security.archlinux.org/avg-447"
          },
          {
            "trust": 0.8,
            "url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
          },
          {
            "trust": 0.8,
            "url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
          },
          {
            "trust": 0.8,
            "url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
          },
          {
            "trust": 0.8,
            "url": "https://community.cypress.com/docs/doc-13871"
          },
          {
            "trust": 0.8,
            "url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
          },
          {
            "trust": 0.8,
            "url": "http://www.dell.com/support/article/sln307822"
          },
          {
            "trust": 0.8,
            "url": "https://github.com/espressif/esp8266_nonos_sdk"
          },
          {
            "trust": 0.8,
            "url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
          },
          {
            "trust": 0.8,
            "url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
          },
          {
            "trust": 0.8,
            "url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
          },
          {
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 0.8,
            "url": "https://bugs.gentoo.org/634440"
          },
          {
            "trust": 0.8,
            "url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
          },
          {
            "trust": 0.8,
            "url": "https://kb.juniper.net/jsa10827"
          },
          {
            "trust": 0.8,
            "url": "https://support.lenovo.com/ca/en/product_security/len-17420"
          },
          {
            "trust": 0.8,
            "url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
          },
          {
            "trust": 0.8,
            "url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
          },
          {
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
          },
          {
            "trust": 0.8,
            "url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
          },
          {
            "trust": 0.8,
            "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
          },
          {
            "trust": 0.8,
            "url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
          },
          {
            "trust": 0.8,
            "url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
          },
          {
            "trust": 0.8,
            "url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
          },
          {
            "trust": 0.8,
            "url": "https://community.sophos.com/kb/en-us/127658"
          },
          {
            "trust": 0.8,
            "url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
          },
          {
            "trust": 0.8,
            "url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
          },
          {
            "trust": 0.8,
            "url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
          },
          {
            "trust": 0.8,
            "url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
          },
          {
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "trust": 0.8,
            "url": "http://en.miui.com/thread-954223-1-1.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
          },
          {
            "trust": 0.8,
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
          },
          {
            "trust": 0.8,
            "url": "https://community.rsa.com/docs/doc-84103"
          },
          {
            "trust": 0.8,
            "url": "https://support.f5.com/csp/article/k23642330"
          },
          {
            "trust": 0.8,
            "url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
          },
          {
            "trust": 0.8,
            "url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
          },
          {
            "trust": 0.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
          },
          {
            "trust": 0.8,
            "url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu90609033/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
          },
          {
            "trust": 0.6,
            "url": "https://www.kb.cert.org/vuls/id/228519/"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2017-13077"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2017-13078"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2017-13080"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2017-13087"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13082"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13086"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13088"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
          },
          {
            "trust": 0.3,
            "url": "http://www.wi-fi.org/index.php"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-ie/ht208847"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208334"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208327"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208325"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13081"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13084"
          },
          {
            "trust": 0.3,
            "url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.2,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/330.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/gpg-key"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://osuosl.org)"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://www.krackattacks.com/\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
          },
          {
            "trust": 0.1,
            "url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13087"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144659"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13087"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "IVD",
            "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "ident": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30398",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13087",
            "ident": null
          },
          {
            "db": "BID",
            "id": "101274",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144652",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144630",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144632",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144659",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144663",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144669",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009178",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13087",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2017-10-17T00:00:00",
            "db": "IVD",
            "id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0",
            "ident": null
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519",
            "ident": null
          },
          {
            "date": "2017-10-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30398",
            "ident": null
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13087",
            "ident": null
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "BID",
            "id": "101274",
            "ident": null
          },
          {
            "date": "2017-10-17T16:52:00",
            "db": "PACKETSTORM",
            "id": "144652",
            "ident": null
          },
          {
            "date": "2017-10-16T13:49:34",
            "db": "PACKETSTORM",
            "id": "144630",
            "ident": null
          },
          {
            "date": "2017-10-16T23:23:00",
            "db": "PACKETSTORM",
            "id": "144632",
            "ident": null
          },
          {
            "date": "2017-10-18T20:20:00",
            "db": "PACKETSTORM",
            "id": "144659",
            "ident": null
          },
          {
            "date": "2017-10-18T20:44:00",
            "db": "PACKETSTORM",
            "id": "144663",
            "ident": null
          },
          {
            "date": "2017-10-19T14:28:55",
            "db": "PACKETSTORM",
            "id": "144669",
            "ident": null
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-388",
            "ident": null
          },
          {
            "date": "2017-11-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009178",
            "ident": null
          },
          {
            "date": "2017-10-17T13:29:00.600000",
            "db": "NVD",
            "id": "CVE-2017-13087",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2017-11-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519",
            "ident": null
          },
          {
            "date": "2017-10-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30398",
            "ident": null
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13087",
            "ident": null
          },
          {
            "date": "2019-02-21T09:00:00",
            "db": "BID",
            "id": "101274",
            "ident": null
          },
          {
            "date": "2020-11-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-388",
            "ident": null
          },
          {
            "date": "2019-02-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009178",
            "ident": null
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-13087",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-388"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0211

    Vulnerability from variot - Updated: 2026-03-09 20:10

    Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a GTK group key reload vulnerability in the fourth handshake. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: wpa_supplicant security update Advisory ID: RHSA-2017:2907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2907 Issue date: 2017-10-17 CVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 =====================================================================

    1. Summary:

    An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64

    1. Description:

    The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Package List:

    Red Hat Enterprise Linux Client (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    aarch64: wpa_supplicant-2.6-5.el7_4.1.aarch64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm

    ppc64: wpa_supplicant-2.6-5.el7_4.1.ppc64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm

    ppc64le: wpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm

    s390x: wpa_supplicant-2.6-5.el7_4.1.s390x.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2017-13077 https://access.redhat.com/security/cve/CVE-2017-13078 https://access.redhat.com/security/cve/CVE-2017-13080 https://access.redhat.com/security/cve/CVE-2017-13082 https://access.redhat.com/security/cve/CVE-2017-13086 https://access.redhat.com/security/cve/CVE-2017-13087 https://access.redhat.com/security/cve/CVE-2017-13088 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kracks

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    APPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9

    AirPort Base Station Firmware Update 7.7.9 is now available and addresses the following:

    AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence

    AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks - KRACK) Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management. CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU Leuven CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

    AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks - KRACK) Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

    Installation note:

    Firmware version 7.7.9 is installed on AirPort Extreme or AirPort Time Capsule base stations with 802.11ac using AirPort Utility for Mac or iOS.

    AirPort Utility for Mac is a free download from https://support.apple.com/downloads/ and AirPort Utility for iOS is a free download from the App Store. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

    Installation note:

    Wi-Fi Update for Boot Camp 6.4.0 may be obtained from Apple Software Update for Windows. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).

    An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.

    For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.

    For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.

    For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.

    We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017

    wpa vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 17.04
    • Ubuntu 16.04 LTS
    • Ubuntu 14.04 LTS

    Summary:

    Several security issues were fixed in wpa_supplicant.

    Software Description: - wpa: client support for WPA and WPA2

    Details:

    Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1

    Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2

    Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5

    After a standard system update you need to reboot your computer to make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201711-03


                                           https://security.gentoo.org/
    

    Severity: Normal Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks Date: November 10, 2017 Bugs: #634436, #634438 ID: 201711-03


    Synopsis

    A flaw was discovered in the 4-way handshake in hostapd and wpa_supplicant that allows attackers to conduct a Man in the Middle attack.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-wireless/hostapd < 2.6-r1 >= 2.6-r1 2 net-wireless/wpa_supplicant < 2.6-r3 >= 2.6-r3 ------------------------------------------------------------------- 2 affected packages

    Description

    WiFi Protected Access (WPA and WPA2) and it's associated technologies are all vulnerable to the KRACK attacks. Please review the referenced CVE identifiers for details.

    Impact

    An attacker can carry out the KRACK attacks on a wireless network in order to gain access to network clients. Once achieved, the attacker can potentially harvest confidential information (e.g. HTTP/HTTPS), inject malware, or perform a myriad of other attacks.

    Workaround

    There is no known workaround at this time.

    Resolution

    All hostapd users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-wireless/hostapd-2.6-r1"

    All wpa_supplicant users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=net-wireless/wpa_supplicant-2.6-r3"

    References

    [ 1 ] CVE-2017-13077 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077 [ 2 ] CVE-2017-13078 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078 [ 3 ] CVE-2017-13079 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079 [ 4 ] CVE-2017-13080 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    ============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project

    Topic: WPA2 protocol vulnerability

    Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

    1. Revision history

    v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.

    I.

    hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.

    II. Problem Description

    A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.

    III. Impact

    Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.

    IV. Workaround

    An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"

    and restart networking.

    An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    hostapd_program="/usr/local/sbin/hostapd"

    and restart hostapd.

    V. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    2) To update your vulnerable system via a binary patch:

    Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:

    freebsd-update fetch

    freebsd-update install

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    3) To update your vulnerable system via a source code patch:

    The following patches have been verified to apply to the applicable FreeBSD release branches.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    [FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc

    gpg --verify wpa-11.patch.asc

    [FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc

    gpg --verify wpa-10.patch.asc

    b) Apply the patch. Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    c) Recompile the operating system using buildworld and installworld as described in .

    Restart the applicable daemons, or reboot the system.

    VI. Correction details

    The following list contains the correction revision numbers for each affected branch.

    Branch/path Revision


    stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741


    To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:

    svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

    Or visit the following URL, replacing NNNNNN with the revision number:

    VII. References

    The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE----- .

    Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+

    Where to find the new packages: +-----------------------------+

    Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

    Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

    Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz

    Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz

    Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz

    Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz

    Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz

    MD5 signatures: +-------------+

    Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz

    Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz

    Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz

    Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz

    Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz

    Installation instructions: +------------------------+

    Upgrade the package as root:

    upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz

    +-----+

    Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

    +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "openstack cloud",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "6"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "12"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.7"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.8"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "linux enterprise point of sale",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "_id": null,
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "12"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "9front",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "adtran",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avm",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aerohive",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "alcatel lucent",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "android open source",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "arch linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aruba",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "barracuda",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "broadcom",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cambium",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "centos",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cradlepoint",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cypress semiconductor",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dell",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "digi",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "draytek",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "edimax computer",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "endian",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "espressif",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "extreme",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "f secure",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fedora",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hostap",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ipfire",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lancom",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lede",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lifx",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lenovo",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microchip",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mojo",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nest",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netbsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opnsense",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "omnirom",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "open mesh",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "peplink",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "riverbed",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rockwell automation",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "suse linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "samsung mobile",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sonos",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sony",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sophos",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "synology",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "tp link",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "texas instruments",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba commerce",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba electronic devices storage",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba memory",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "turris omnia",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "volumio",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "watchguard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xiaomi",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xirrus",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zebra",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dd wrt",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "eero",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pfsense",
            "version": null
          },
          {
            "_id": null,
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "_id": null,
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise point of sale",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "_id": null,
            "model": "openstack cloud",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "_id": null,
            "model": "hostapd",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": "edge gateway",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": "sr-m20ac1",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "_id": null,
            "model": "sr-m20ac2",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "_id": null,
            "model": "alliance wi-fi protected access 2",
            "scope": null,
            "trust": 0.6,
            "vendor": "wi fi",
            "version": null
          },
          {
            "_id": null,
            "model": "scalance w-700",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux desktop",
            "version": "12"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux server",
            "version": "11"
          },
          {
            "_id": null,
            "model": "atom processor c3200 series for yocto project bsp mr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.2"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "pyxis supplystation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "sinamics smart access module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "v200"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.27.3264"
          },
          {
            "_id": null,
            "model": "meraki mr34",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ck71a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2.0"
          },
          {
            "_id": null,
            "model": "macbook air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18500"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "meraki mr26",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "28000"
          },
          {
            "_id": null,
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "_id": null,
            "model": "meraki mr84",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "510x0"
          },
          {
            "_id": null,
            "model": "windows server r2 for itanium-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "contact itc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "81130"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.0.0"
          },
          {
            "_id": null,
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "meraki mr18",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.3"
          },
          {
            "_id": null,
            "model": "scalance w1750d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "secure ii med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "_id": null,
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "210x0"
          },
          {
            "_id": null,
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "_id": null,
            "model": "aironet access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "wap371 wireless-ac n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2090"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "_id": null,
            "model": "contact rad-80211-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "contact fl wlan dap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.1"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.25"
          },
          {
            "_id": null,
            "model": "pyxis medstation es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wireless ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88210"
          },
          {
            "_id": null,
            "model": "pyxis stockstation system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "macbook",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.1"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.2"
          },
          {
            "_id": null,
            "model": "scalance wlc712",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "contact fl wlan spa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "meraki mr62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "simatic et200 pro im154-6 pn iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tropos broadband mesh routers and bridges",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "abb",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.2"
          },
          {
            "_id": null,
            "model": "meraki mr33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "_id": null,
            "model": "micros handheld terminal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.2"
          },
          {
            "_id": null,
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "_id": null,
            "model": "atom processor c3200 series for yocto project bsp mr4.1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.0"
          },
          {
            "_id": null,
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "110x0"
          },
          {
            "_id": null,
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "_id": null,
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.4"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "contact fl comserver wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "232/422/4850"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.8"
          },
          {
            "_id": null,
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7."
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1.91.3272"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.9"
          },
          {
            "_id": null,
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "230802-110"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "meraki mr14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18150"
          },
          {
            "_id": null,
            "model": "wireless client bridge 2.0.0.1-aruba501-b00",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "_id": null,
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.2"
          },
          {
            "_id": null,
            "model": "airport express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "meraki mr16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "clarity engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "meraki mr30h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows server r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.3"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "contact bl2 bpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "watch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "meraki mr32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ruggedcom rx1400",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "cn70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "_id": null,
            "model": "pyxis parx handheld",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.40.100"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "_id": null,
            "model": "windows rt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "meraki mr42",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.6"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.3"
          },
          {
            "_id": null,
            "model": "wap561 wireless-n dual radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.26.3000"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2016"
          },
          {
            "_id": null,
            "model": "contact rad-whg/wlan-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.3"
          },
          {
            "_id": null,
            "model": "wi-fi update for boot camp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.4.0"
          },
          {
            "_id": null,
            "model": "suremark printer 2nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "_id": null,
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "_id": null,
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.0.0"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.8"
          },
          {
            "_id": null,
            "model": "windows server for x64-based systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "pyxis supply roller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "telepresence collaboration endpoint",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2.61.3535"
          },
          {
            "_id": null,
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "70xx0"
          },
          {
            "_id": null,
            "model": "imac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "meraki mr72",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.25.3001"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.4"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "meraki mr53",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "wap551 wireless-n single radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.0.0"
          },
          {
            "_id": null,
            "model": "wap121 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.0.1000"
          },
          {
            "_id": null,
            "model": "wireless client bridge 1.0.1.3-hp501-b0012",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "_id": null,
            "model": "i.roc ci70-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.0.0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.2"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "cn70e-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.0.0.0"
          },
          {
            "_id": null,
            "model": "meraki mr24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "suremark printer 1nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "_id": null,
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "50xx0"
          },
          {
            "_id": null,
            "model": "meraki mr74",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "090"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.15"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.1"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.20"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.1"
          },
          {
            "_id": null,
            "model": "systems esp32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "_id": null,
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "_id": null,
            "model": "micros handheld terminal 2.03.0.0.021r",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "38000"
          },
          {
            "_id": null,
            "model": "pyxis parx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dx70",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1.9"
          },
          {
            "_id": null,
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2141"
          },
          {
            "_id": null,
            "model": "pyxis anesthesia es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aironet series officeextend access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18100"
          },
          {
            "_id": null,
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.1"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.55.3000"
          },
          {
            "_id": null,
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "meraki mr66",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.1"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2131"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18300"
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.0.50.1004"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.1.0"
          },
          {
            "_id": null,
            "model": "wap321 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "simatic iwlan-pb/link",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aironet 1810w series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "meraki mr52",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "_id": null,
            "model": "meraki mr12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "airmesh msr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.20"
          },
          {
            "_id": null,
            "model": "watchos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "contact fl wlan ec",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.8"
          },
          {
            "_id": null,
            "model": "systems esp8266",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "pad-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.0.1205"
          },
          {
            "_id": null,
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88610"
          },
          {
            "_id": null,
            "model": "clarity engine",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0.0.1"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15600"
          },
          {
            "_id": null,
            "model": "windows for 32-bit systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.5"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.2"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.8"
          },
          {
            "_id": null,
            "model": "windows for x64-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "_id": null,
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "meraki mr58",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.2"
          },
          {
            "_id": null,
            "model": "pyxis parassist system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows server for 32-bit systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "simatic mobile panel 277 iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "pyxis medstation t2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.3"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.1"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.0.0"
          },
          {
            "_id": null,
            "model": "wi-fi update for boot camp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "30xx0"
          },
          {
            "_id": null,
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "wireless client bridge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "5010"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.5"
          },
          {
            "_id": null,
            "model": "meraki mr11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.3"
          },
          {
            "_id": null,
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "35000"
          },
          {
            "_id": null,
            "model": "automation stratix 15.3 jc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rockwell",
            "version": "5100"
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "pyxis ciisafe workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "??0"
          },
          {
            "_id": null,
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.7"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.0.0"
          },
          {
            "_id": null,
            "model": "ipad air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "_id": null,
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1.71.3608"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.41.3024"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.1"
          },
          {
            "_id": null,
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "dx80",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "contact bl2 ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "contact tpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "60130"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1"
          },
          {
            "_id": null,
            "model": "ck70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.1"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.20"
          },
          {
            "_id": null,
            "model": "macbook pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10"
          },
          {
            "_id": null,
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.8"
          },
          {
            "_id": null,
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.4"
          },
          {
            "_id": null,
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.2"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.3"
          },
          {
            "_id": null,
            "model": "tab-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "macmini",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.16"
          },
          {
            "_id": null,
            "model": "contact fl wlan epa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "airport time capsule",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "alliance wpa2 (wi-fi protected access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wi fi",
            "version": "2)0"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.9"
          },
          {
            "_id": null,
            "model": "scalance wlc711",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ruggedcom rs9xxw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.15"
          },
          {
            "_id": null,
            "model": "networks unifi access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubiquiti",
            "version": "0"
          },
          {
            "_id": null,
            "model": "suremark printer 2cr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "_id": null,
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88650"
          },
          {
            "_id": null,
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.7"
          },
          {
            "_id": null,
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "_id": null,
            "model": "asa 5506w-x w/ firepower services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "_id": null,
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.9"
          },
          {
            "_id": null,
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3005"
          },
          {
            "_id": null,
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.0.0.0"
          },
          {
            "_id": null,
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2010"
          },
          {
            "_id": null,
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "14.04"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "16.04"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "17.04"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.2"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux desktop",
            "version": "7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.5"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.6"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.7.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.5"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.6"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.7"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.10"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.7.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux point of sale",
            "version": "11"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "12"
          },
          {
            "_id": null,
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "openstack cloud",
            "version": "6"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13078"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:canonical:ubuntu",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:debian:debian_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:freebsd:freebsd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:opensuse_project:leap",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:suse_linux_enterprise_point_of_sale",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:suse:openstack_cloud",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:hostapd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:wpa_supplicant",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:nec:nec_edge_gateway",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
        "sources": [
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2017-13078",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "id": "CVE-2017-13078",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.9,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CNVD-2017-30405",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.6,
                "id": "CVE-2017-13078",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-13078",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-13078",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-30405",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201710-381",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-13078",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13078"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13078"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a GTK group key reload vulnerability in the fourth handshake. WPA2  is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: wpa_supplicant security update\nAdvisory ID:       RHSA-2017:2907-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:2907\nIssue date:        2017-10-17\nCVE Names:         CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 \n                   CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 \n                   CVE-2017-13088 \n=====================================================================\n\n1. Summary:\n\nAn update for wpa_supplicant is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe wpa_supplicant packages contain an 802.1X Supplicant with support for\nWEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication\nmethods. They implement key negotiation with a WPA Authenticator for client\nstations and controls the roaming and IEEE 802.11 authentication and\nassociation of the WLAN driver. A remote attacker within Wi-Fi range\ncould exploit these attacks to decrypt Wi-Fi traffic or possibly inject\nforged Wi-Fi packets by manipulating cryptographic handshakes used by the\nWPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream\nacknowledges Mathy Vanhoef (University of Leuven) as the original reporter\nof these issues. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\naarch64:\nwpa_supplicant-2.6-5.el7_4.1.aarch64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm\n\nppc64:\nwpa_supplicant-2.6-5.el7_4.1.ppc64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm\n\nppc64le:\nwpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm\n\ns390x:\nwpa_supplicant-2.6-5.el7_4.1.s390x.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-13077\nhttps://access.redhat.com/security/cve/CVE-2017-13078\nhttps://access.redhat.com/security/cve/CVE-2017-13080\nhttps://access.redhat.com/security/cve/CVE-2017-13082\nhttps://access.redhat.com/security/cve/CVE-2017-13086\nhttps://access.redhat.com/security/cve/CVE-2017-13087\nhttps://access.redhat.com/security/cve/CVE-2017-13088\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kracks\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9\n\nAirPort Base Station Firmware Update 7.7.9 is now available and\naddresses the following:\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker within range may be able to execute arbitrary\ncode on the Wi-Fi chip\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2017-9417: Nitay Artenstein of Exodus Intelligence\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker in Wi-Fi range may force nonce reuse in WPA\nunicast/PTK clients (Key Reinstallation Attacks - KRACK)\nDescription: A logic issue existed in the handling of state\ntransitions. This was addressed with improved state management. \nCVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\nCVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker in Wi-Fi range may force nonce reuse in WPA\nmulticast/GTK clients (Key Reinstallation Attacks - KRACK)\nDescription: A logic issue existed in the handling of state\ntransitions. This was addressed with improved state management. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nInstallation note:\n\nFirmware version 7.7.9 is installed on AirPort Extreme or\nAirPort Time Capsule base stations with 802.11ac using\nAirPort Utility for Mac or iOS. \n\nAirPort Utility for Mac is a free download from\nhttps://support.apple.com/downloads/ and AirPort Utility for iOS\nis a free download from the App Store. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at\nKU Leuven\n\nInstallation note:\n\nWi-Fi Update for Boot Camp 6.4.0 may be obtained from Apple Software\nUpdate for Windows. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n  hostapd                         2.4-0ubuntu9.1\n  wpasupplicant                   2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n  hostapd                         2.4-0ubuntu6.2\n  wpasupplicant                   2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n  hostapd                         2.1-0ubuntu1.5\n  wpasupplicant                   2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201711-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK)\n           attacks\n     Date: November 10, 2017\n     Bugs: #634436, #634438\n       ID: 201711-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA flaw was discovered in the 4-way handshake in hostapd and\nwpa_supplicant that allows attackers to conduct a Man in the Middle\nattack. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-wireless/hostapd         \u003c 2.6-r1                  \u003e= 2.6-r1 \n  2  net-wireless/wpa_supplicant\n                                  \u003c 2.6-r3                  \u003e= 2.6-r3 \n    -------------------------------------------------------------------\n     2 affected packages\n\nDescription\n===========\n\nWiFi Protected Access (WPA and WPA2) and it\u0027s associated technologies\nare all vulnerable to the KRACK attacks. Please review the referenced\nCVE identifiers for details. \n\nImpact\n======\n\nAn attacker can carry out the KRACK attacks on a wireless network in\norder to gain access to network clients. Once achieved, the attacker\ncan potentially harvest confidential information (e.g. HTTP/HTTPS),\ninject malware, or perform a myriad of other attacks. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll hostapd users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-wireless/hostapd-2.6-r1\"\n\nAll wpa_supplicant users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=net-wireless/wpa_supplicant-2.6-r3\"\n\nReferences\n==========\n\n[  1 ] CVE-2017-13077\n       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077\n[  2 ] CVE-2017-13078\n       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078\n[  3 ] CVE-2017-13079\n       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079\n[  4 ] CVE-2017-13080\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa                                        Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          WPA2 protocol vulnerability\n\nCategory:       contrib\nModule:         wpa\nAnnounced:      2017-10-16\nCredits:        Mathy Vanhoef\nAffects:        All supported versions of FreeBSD. \nCorrected:      2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n                2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n                2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n                2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n                2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n                2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name:       CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n                CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n                CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0.   Revision history\n\nv1.0  2017-10-17 Initial release. \nv1.1  2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII.  Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV.  Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch.  Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI.  Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path                                                      Revision\n- -------------------------------------------------------------------------\nstable/11/                                                        r324697\nreleng/11.0/                                                      r324698\nreleng/11.1/                                                      r324699\nstable/10/                                                        r324739\nreleng/10.3/                                                      r324740\nreleng/10.4/                                                      r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz:  Upgraded. \n  This update includes patches to mitigate the WPA2 protocol issues known\n  as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n  hijack TCP connections, and to forge and inject packets. \n  CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n    Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n    while processing it. \n  For more information, see:\n    https://www.krackattacks.com/\n    https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019  wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825  wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0  wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352  wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185  wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4  wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe  n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160  n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13078"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "IVD",
            "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13078"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "145395"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          }
        ],
        "trust": 4.23
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-13078",
            "trust": 4.5
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "trust": 4.2
          },
          {
            "db": "BID",
            "id": "101274",
            "trust": 2.6
          },
          {
            "db": "LENOVO",
            "id": "LEN-17420",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1039577",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039576",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039581",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039578",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039585",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039573",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-003",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-005",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-901333",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-18-114-01",
            "trust": 1.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-19-029-01",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-353-02",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-01",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-325-01",
            "trust": 1.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381",
            "trust": 0.8
          },
          {
            "db": "JUNIPER",
            "id": "JSA10827",
            "trust": 0.8
          },
          {
            "db": "DLINK",
            "id": "SAP10075",
            "trust": 0.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02A",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU94846424",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU90609033",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.4125",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-299-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "D6BBEDBA-FFB0-46FC-8B8D-FC2A4FCE19B2",
            "trust": 0.2
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13078",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144652",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145394",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145395",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "148445",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144630",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144632",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144944",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144669",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144663",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13078"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "145395"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13078"
          }
        ]
      },
      "id": "VAR-201710-0211",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          }
        ],
        "trust": 1.3998271283333334
      },
      "iot_taxonomy": {
        "_id": null,
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          }
        ]
      },
      "last_update_date": "2026-03-09T20:10:48.478000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "ARUBA-PSA-2017-007",
            "trust": 0.8,
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "title": "DSA-3999",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3999"
          },
          {
            "title": "FreeBSD-SA-17:07.wpa",
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "title": "LEN-17420",
            "trust": 0.8,
            "url": "https://support.lenovo.com/jp/en/product_security/len-17420"
          },
          {
            "title": "NV17-024",
            "trust": 0.8,
            "url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
          },
          {
            "title": "openSUSE-SU-2017:2755",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "title": "SUSE-SU-2017:2745",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "title": "SUSE-SU-2017:2752",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "title": "RHSA-2017:2907",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/RHSA-2017:2907"
          },
          {
            "title": "RHSA-2017:2911",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/RHSA-2017:2911"
          },
          {
            "title": "USN-3455-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3455-1/"
          },
          {
            "title": "WPA packet number reuse with replayed messages and key reinstallation",
            "trust": 0.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
          },
          {
            "title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.iodata.jp/support/information/2017/wpa2/"
          },
          {
            "title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/info/20171110/"
          },
          {
            "title": "Patch for WPA2 Wireless Network GTK Group Key Reload Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/103819"
          },
          {
            "title": "Multiple WiFi product WPA2 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75495"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172911 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172907 - Security Advisory"
          },
          {
            "title": "Red Hat: CVE-2017-13078",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2017-13078"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-13078"
          },
          {
            "title": "Apple: Wi-Fi Update for Boot Camp 6.4.0",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=4dc3bb86865485e4364fd6b2dc2fc379"
          },
          {
            "title": "Apple: AirPort Base Station Firmware Update 7.7.9",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7ca8130f8030911575aa17c0e84114dd"
          },
          {
            "title": "Apple: watchOS 4.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=345c3fa8a313cd9a1ced5ef372c465c4"
          },
          {
            "title": "Apple: AirPort Base Station Firmware Update 7.6.9",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=43d8dcf7961e20b6ec02761d12969c19"
          },
          {
            "title": "Debian CVElist Bug Report Logs: firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=2e0affd9108e95fa2aa2c706c74cd8a9"
          },
          {
            "title": "Ubuntu Security Notice: wpa vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3455-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
          },
          {
            "title": "Apple: tvOS 11.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7a8e908aff7c02a31b2d335766e6d5c2"
          },
          {
            "title": "Apple: iOS 11.1",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7814c280e80969d4c4d88f74b13290f2"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-23"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-22"
          },
          {
            "title": "HP: HPSBPI03574 rev. 1 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBPI03574"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014July 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=25584b3d319ca9e7cb2fae9ec5dbf5e0"
          },
          {
            "title": "HP: HPSBHF03571 rev. 6  -  Intel Management Engine Cumulative Security update and fix for WPA2 vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03571"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
          },
          {
            "title": "Apple: macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=870f3f04ef17f7b183f74ae687a1561d"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
          },
          {
            "title": "vanhoefm-krackattacks-scripts",
            "trust": 0.1,
            "url": "https://github.com/84KaliPleXon3/vanhoefm-krackattacks-scripts "
          },
          {
            "title": "krankattack",
            "trust": 0.1,
            "url": "https://github.com/DevKosov/krankattack "
          },
          {
            "title": "krackattacks-scripts",
            "trust": 0.1,
            "url": "https://github.com/vanhoefm/krackattacks-scripts "
          },
          {
            "title": "KRACK",
            "trust": 0.1,
            "url": "https://github.com/chinatso/KRACK "
          },
          {
            "title": "krackinfo",
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo "
          },
          {
            "title": "nixos-issue-db-example",
            "trust": 0.1,
            "url": "https://github.com/andir/nixos-issue-db-example "
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/SamsungReleaseNotes "
          },
          {
            "title": "welivesecurity",
            "trust": 0.1,
            "url": "https://www.welivesecurity.com/2019/10/17/alexa-how-amazon-echo-kindle-got-kracked/"
          },
          {
            "title": "BleepingComputer",
            "trust": 0.1,
            "url": "https://www.bleepingcomputer.com/news/security/millions-of-amazon-echo-and-kindle-devices-affected-by-wifi-bug/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13078"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-323",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-330",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-254",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13078"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.7,
            "url": "https://www.krackattacks.com/"
          },
          {
            "trust": 3.3,
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "trust": 2.9,
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "trust": 2.8,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "trust": 2.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
          },
          {
            "trust": 2.6,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "trust": 2.5,
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "trust": 2.1,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "trust": 2.1,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "trust": 2.0,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "trust": 1.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-3455-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039585"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "trust": 1.7,
            "url": "https://support.lenovo.com/us/en/product_security/len-17420"
          },
          {
            "trust": 1.7,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "trust": 1.7,
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208222"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208221"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208220"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht208219"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "trust": 1.7,
            "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03792en_us"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
          },
          {
            "trust": 1.7,
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
          },
          {
            "trust": 1.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
          },
          {
            "trust": 1.2,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
          },
          {
            "trust": 1.1,
            "url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
          },
          {
            "trust": 1.1,
            "url": "https://w1.fi/security/2017-1/"
          },
          {
            "trust": 1.1,
            "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
          },
          {
            "trust": 1.1,
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
          },
          {
            "trust": 0.9,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
          },
          {
            "trust": 0.8,
            "url": "https://cwe.mitre.org/data/definitions/323.html"
          },
          {
            "trust": 0.8,
            "url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
          },
          {
            "trust": 0.8,
            "url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.al-enterprise.com/en/support/security-alert-krack"
          },
          {
            "trust": 0.8,
            "url": "https://support.apple.com/en-gb/ht208222"
          },
          {
            "trust": 0.8,
            "url": "https://security.archlinux.org/avg-447"
          },
          {
            "trust": 0.8,
            "url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
          },
          {
            "trust": 0.8,
            "url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
          },
          {
            "trust": 0.8,
            "url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
          },
          {
            "trust": 0.8,
            "url": "https://community.cypress.com/docs/doc-13871"
          },
          {
            "trust": 0.8,
            "url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
          },
          {
            "trust": 0.8,
            "url": "http://www.dell.com/support/article/sln307822"
          },
          {
            "trust": 0.8,
            "url": "https://github.com/espressif/esp8266_nonos_sdk"
          },
          {
            "trust": 0.8,
            "url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
          },
          {
            "trust": 0.8,
            "url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
          },
          {
            "trust": 0.8,
            "url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
          },
          {
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 0.8,
            "url": "https://bugs.gentoo.org/634440"
          },
          {
            "trust": 0.8,
            "url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
          },
          {
            "trust": 0.8,
            "url": "https://kb.juniper.net/jsa10827"
          },
          {
            "trust": 0.8,
            "url": "https://support.lenovo.com/ca/en/product_security/len-17420"
          },
          {
            "trust": 0.8,
            "url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
          },
          {
            "trust": 0.8,
            "url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
          },
          {
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
          },
          {
            "trust": 0.8,
            "url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
          },
          {
            "trust": 0.8,
            "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
          },
          {
            "trust": 0.8,
            "url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
          },
          {
            "trust": 0.8,
            "url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
          },
          {
            "trust": 0.8,
            "url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
          },
          {
            "trust": 0.8,
            "url": "https://community.sophos.com/kb/en-us/127658"
          },
          {
            "trust": 0.8,
            "url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
          },
          {
            "trust": 0.8,
            "url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
          },
          {
            "trust": 0.8,
            "url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
          },
          {
            "trust": 0.8,
            "url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
          },
          {
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "trust": 0.8,
            "url": "http://en.miui.com/thread-954223-1-1.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
          },
          {
            "trust": 0.8,
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
          },
          {
            "trust": 0.8,
            "url": "https://community.rsa.com/docs/doc-84103"
          },
          {
            "trust": 0.8,
            "url": "https://support.f5.com/csp/article/k23642330"
          },
          {
            "trust": 0.8,
            "url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
          },
          {
            "trust": 0.8,
            "url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
          },
          {
            "trust": 0.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
          },
          {
            "trust": 0.8,
            "url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/vu/jvnvu94846424/"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu90609033/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
          },
          {
            "trust": 0.6,
            "url": "https://www.kb.cert.org/vuls/id/228519/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13077"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13078"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13080"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13082"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13086"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13087"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13088"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
          },
          {
            "trust": 0.3,
            "url": "http://www.wi-fi.org/index.php"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-ie/ht208847"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208334"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208327"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208325"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13081"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13084"
          },
          {
            "trust": 0.3,
            "url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
          },
          {
            "trust": 0.2,
            "url": "https://support.apple.com/downloads/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/330.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-9417"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/kb/ht201222"
          },
          {
            "trust": 0.1,
            "url": "https://www.apple.com/support/security/pgp/"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/kb/ht208038"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13078"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13077"
          },
          {
            "trust": 0.1,
            "url": "https://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://www.krackattacks.com/\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
          },
          {
            "trust": 0.1,
            "url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/gpg-key"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://osuosl.org)"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13078"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "145394"
          },
          {
            "db": "PACKETSTORM",
            "id": "145395"
          },
          {
            "db": "PACKETSTORM",
            "id": "148445"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13078"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "IVD",
            "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "ident": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30405",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13078",
            "ident": null
          },
          {
            "db": "BID",
            "id": "101274",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144652",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "145394",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "145395",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "148445",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144630",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144632",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144944",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144669",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "144663",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009171",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13078",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2017-10-17T00:00:00",
            "db": "IVD",
            "id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2",
            "ident": null
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519",
            "ident": null
          },
          {
            "date": "2017-10-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30405",
            "ident": null
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13078",
            "ident": null
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "BID",
            "id": "101274",
            "ident": null
          },
          {
            "date": "2017-10-17T16:52:00",
            "db": "PACKETSTORM",
            "id": "144652",
            "ident": null
          },
          {
            "date": "2017-12-13T03:33:33",
            "db": "PACKETSTORM",
            "id": "145394",
            "ident": null
          },
          {
            "date": "2017-12-13T04:44:44",
            "db": "PACKETSTORM",
            "id": "145395",
            "ident": null
          },
          {
            "date": "2018-07-05T23:02:22",
            "db": "PACKETSTORM",
            "id": "148445",
            "ident": null
          },
          {
            "date": "2017-10-16T13:49:34",
            "db": "PACKETSTORM",
            "id": "144630",
            "ident": null
          },
          {
            "date": "2017-10-16T23:23:00",
            "db": "PACKETSTORM",
            "id": "144632",
            "ident": null
          },
          {
            "date": "2017-11-10T19:19:00",
            "db": "PACKETSTORM",
            "id": "144944",
            "ident": null
          },
          {
            "date": "2017-10-19T14:28:55",
            "db": "PACKETSTORM",
            "id": "144669",
            "ident": null
          },
          {
            "date": "2017-10-18T20:44:00",
            "db": "PACKETSTORM",
            "id": "144663",
            "ident": null
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-381",
            "ident": null
          },
          {
            "date": "2017-11-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009171",
            "ident": null
          },
          {
            "date": "2017-10-17T13:29:00.193000",
            "db": "NVD",
            "id": "CVE-2017-13078",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2017-11-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519",
            "ident": null
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30405",
            "ident": null
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13078",
            "ident": null
          },
          {
            "date": "2019-02-21T09:00:00",
            "db": "BID",
            "id": "101274",
            "ident": null
          },
          {
            "date": "2020-11-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-381",
            "ident": null
          },
          {
            "date": "2019-02-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009171",
            "ident": null
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-13078",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-381"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201707-0484

    Vulnerability from variot - Updated: 2025-04-20 23:36

    Technicolor DPC3928AD DOCSIS devices allow remote attackers to read arbitrary files via a request starting with "GET /../" on TCP port 4321. TechnicolorDPC3928ADDOCSIS is a wireless router from Technicolor, France. An information disclosure vulnerability exists in TechnicolorDPC3928ADDOCSIS

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201707-0484",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "dpc3928ad docsis wireless router",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "dpc3928ad docsis wireless router",
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": "dpc3928ad docsis",
            "scope": null,
            "trust": 0.6,
            "vendor": "technicolor",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-37825"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005954"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-450"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11502"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:technicolor:dpc3928ad_docsis_wireless_router_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005954"
          }
        ]
      },
      "cve": "CVE-2017-11502",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2017-11502",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-37825",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-101931",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-11502",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-11502",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-11502",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-37825",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201711-450",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-101931",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-37825"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101931"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005954"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-450"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11502"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Technicolor DPC3928AD DOCSIS devices allow remote attackers to read arbitrary files via a request starting with \"GET /../\" on TCP port 4321. TechnicolorDPC3928ADDOCSIS is a wireless router from Technicolor, France. An information disclosure vulnerability exists in TechnicolorDPC3928ADDOCSIS",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-11502"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005954"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-37825"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101931"
          }
        ],
        "trust": 2.25
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-101931",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-101931"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-11502",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005954",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-450",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-37825",
            "trust": 0.6
          },
          {
            "db": "EXPLOIT-DB",
            "id": "44070",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-101931",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-37825"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101931"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005954"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-450"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11502"
          }
        ]
      },
      "id": "VAR-201707-0484",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-37825"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101931"
          }
        ],
        "trust": 1.7
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-37825"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:36:49.444000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.technicolor.com/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005954"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-101931"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005954"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11502"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://blogs.securiteam.com/index.php/archives/2911#more-2911"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-11502"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-11502"
          },
          {
            "trust": 0.8,
            "url": "https://blogs.securiteam.com/index.php/archives/3039"
          },
          {
            "trust": 0.6,
            "url": "https://blogs.securiteam.com/index.php/archives/2911#more"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-37825"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101931"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005954"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-450"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11502"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-37825"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101931"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-005954"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-450"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11502"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-12-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-37825"
          },
          {
            "date": "2017-07-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-101931"
          },
          {
            "date": "2017-08-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-005954"
          },
          {
            "date": "2017-11-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201711-450"
          },
          {
            "date": "2017-07-20T23:29:00.277000",
            "db": "NVD",
            "id": "CVE-2017-11502"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-12-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-37825"
          },
          {
            "date": "2017-07-25T00:00:00",
            "db": "VULHUB",
            "id": "VHN-101931"
          },
          {
            "date": "2017-08-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-005954"
          },
          {
            "date": "2017-11-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201711-450"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-11502"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-450"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Technicolor DPC3928AD DOCSIS Information Disclosure Vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-37825"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-450"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201711-450"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201704-0432

    Vulnerability from variot - Updated: 2025-04-20 23:34

    Technicolor TC7200 with firmware STD6.01.12 could allow remote attackers to obtain sensitive information. The Technicolor TC7200 is a next-generation wireless home gateway device. Technicolor TC7200 is prone to an information-disclosure vulnerability. This may aid in further attacks. Technicolor TC7200 STD6.01.12 is vulnerable; other versions may also be affected. Technicolor (formerly known as Thomson, Thomson) TC7200 is a modem and router product of the French Technicolor Group

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201704-0432",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tc7200",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "technicolor",
            "version": "std6.01.12"
          },
          {
            "model": "tc7200 std6.01.12",
            "scope": null,
            "trust": 0.6,
            "vendor": "technicolor",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-01306"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008291"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201406-481"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-1677"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:technicolor:tc7200_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008291"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Jeroen - IT Nerdbox",
        "sources": [
          {
            "db": "BID",
            "id": "65774"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201406-481"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2014-1677",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2014-1677",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2014-01306",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-69616",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2014-1677",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2014-1677",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2014-1677",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-01306",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201406-481",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-69616",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-01306"
          },
          {
            "db": "VULHUB",
            "id": "VHN-69616"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008291"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201406-481"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-1677"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Technicolor TC7200 with firmware STD6.01.12 could allow remote attackers to obtain sensitive information. The Technicolor TC7200 is a next-generation wireless home gateway device. Technicolor TC7200 is prone to an information-disclosure vulnerability. This may aid in further attacks. \nTechnicolor TC7200 STD6.01.12 is vulnerable; other versions may also be affected. Technicolor (formerly known as Thomson, Thomson) TC7200 is a modem and router product of the French Technicolor Group",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-1677"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008291"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-01306"
          },
          {
            "db": "BID",
            "id": "65774"
          },
          {
            "db": "VULHUB",
            "id": "VHN-69616"
          }
        ],
        "trust": 2.52
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-69616",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-69616"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-1677",
            "trust": 3.4
          },
          {
            "db": "PACKETSTORM",
            "id": "125388",
            "trust": 2.5
          },
          {
            "db": "EXPLOIT-DB",
            "id": "31894",
            "trust": 2.3
          },
          {
            "db": "BID",
            "id": "65774",
            "trust": 1.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008291",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201406-481",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-01306",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "26123",
            "trust": 0.6
          },
          {
            "db": "XF",
            "id": "91578",
            "trust": 0.6
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-85208",
            "trust": 0.1
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-61581",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-69616",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-01306"
          },
          {
            "db": "VULHUB",
            "id": "VHN-69616"
          },
          {
            "db": "BID",
            "id": "65774"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008291"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201406-481"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-1677"
          }
        ]
      },
      "id": "VAR-201704-0432",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-01306"
          },
          {
            "db": "VULHUB",
            "id": "VHN-69616"
          }
        ],
        "trust": 1.3071428699999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-01306"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:34:27.674000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Cable Modem - Cable Gateway - Technicolor",
            "trust": 0.8,
            "url": "http://www.technicolor.com/en/solutions-services/connected-home/broadband-devices/cable-modems-gateways"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008291"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-69616"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008291"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-1677"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://packetstormsecurity.com/files/125388"
          },
          {
            "trust": 1.7,
            "url": "http://www.exploit-db.com/exploits/31894"
          },
          {
            "trust": 1.7,
            "url": "http://seclists.org/fulldisclosure/2016/jul/67"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/538955/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91578"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1677"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1677"
          },
          {
            "trust": 0.6,
            "url": "http://www.exploit-db.com/exploits/31894/"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/65774"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/538955/100/0/threaded"
          },
          {
            "trust": 0.6,
            "url": "http://xforce.iss.net/xforce/xfdb/91578"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/26123"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-01306"
          },
          {
            "db": "VULHUB",
            "id": "VHN-69616"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008291"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201406-481"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-1677"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-01306"
          },
          {
            "db": "VULHUB",
            "id": "VHN-69616"
          },
          {
            "db": "BID",
            "id": "65774"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008291"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201406-481"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-1677"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-02-27T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-01306"
          },
          {
            "date": "2017-04-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-69616"
          },
          {
            "date": "2014-02-25T00:00:00",
            "db": "BID",
            "id": "65774"
          },
          {
            "date": "2017-05-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-008291"
          },
          {
            "date": "2014-02-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201406-481"
          },
          {
            "date": "2017-04-03T15:59:00.207000",
            "db": "NVD",
            "id": "CVE-2014-1677"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-02-27T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-01306"
          },
          {
            "date": "2018-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-69616"
          },
          {
            "date": "2014-02-25T00:00:00",
            "db": "BID",
            "id": "65774"
          },
          {
            "date": "2017-05-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-008291"
          },
          {
            "date": "2017-04-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201406-481"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2014-1677"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201406-481"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Technicolor TC7200 Vulnerability in which important information is obtained in the firmware of",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-008291"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201406-481"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201709-0303

    Vulnerability from variot - Updated: 2025-04-20 23:23

    Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OI_Fw_v7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingAddr parameter to mnt_ping.cgi. Technicolor TD5336 Is OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. TechnicolorTD5336OI_Fw_v7devices is a modem from Technicolor, France. A command injection vulnerability exists in the WebModface's PingModule on the TechnicolorTD5336OI_Fw_v7 device

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201709-0303",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "td5336",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "technicolor",
            "version": "7.0"
          },
          {
            "model": "td5336",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "technicolor",
            "version": "7"
          },
          {
            "model": "td5336 oi fw v7",
            "scope": null,
            "trust": 0.6,
            "vendor": "technicolor",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-31563"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007686"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-074"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14127"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:technicolor:td5336_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007686"
          }
        ]
      },
      "cve": "CVE-2017-14127",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2017-14127",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-31563",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-104818",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-14127",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-14127",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-14127",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-31563",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201709-074",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-104818",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-14127",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-31563"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104818"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14127"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007686"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-074"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14127"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OI_Fw_v7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingAddr parameter to mnt_ping.cgi. Technicolor TD5336 Is OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. TechnicolorTD5336OI_Fw_v7devices is a modem from Technicolor, France. A command injection vulnerability exists in the WebModface\u0027s PingModule on the TechnicolorTD5336OI_Fw_v7 device",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-14127"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007686"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31563"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104818"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14127"
          }
        ],
        "trust": 2.34
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-14127",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007686",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-074",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-31563",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-104818",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14127",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-31563"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104818"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14127"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007686"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-074"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14127"
          }
        ]
      },
      "id": "VAR-201709-0303",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-31563"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104818"
          }
        ],
        "trust": 1.7
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-31563"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:23:37.331000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.technicolor.com/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007686"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-104818"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007686"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14127"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.2,
            "url": "http://jordyf.me/2017/09/02/technicolor-pwn.html"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14127"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14127"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/78.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-31563"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104818"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14127"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007686"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-074"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14127"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-31563"
          },
          {
            "db": "VULHUB",
            "id": "VHN-104818"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14127"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-007686"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-074"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14127"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-31563"
          },
          {
            "date": "2017-09-04T00:00:00",
            "db": "VULHUB",
            "id": "VHN-104818"
          },
          {
            "date": "2017-09-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14127"
          },
          {
            "date": "2017-09-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-007686"
          },
          {
            "date": "2017-09-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-074"
          },
          {
            "date": "2017-09-04T20:29:00.290000",
            "db": "NVD",
            "id": "CVE-2017-14127"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-31563"
          },
          {
            "date": "2017-09-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-104818"
          },
          {
            "date": "2017-09-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14127"
          },
          {
            "date": "2017-09-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-007686"
          },
          {
            "date": "2017-09-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-074"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-14127"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-074"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Technicolor TD5336 OI_Fw_v7 Command Injection Vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-31563"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-074"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "operating system commend injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-074"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201709-0051

    Vulnerability from variot - Updated: 2025-04-20 23:21

    OpenStage 60 and OpenScape Desk Phone IP 55G SIP V3, OpenStage 15, 20E, 20 and 40 and OpenScape Desk Phone IP 35G SIP V3, OpenScape Desk Phone IP 35G Eco SIP V3, OpenStage 60 and OpenScape Desk Phone IP 55G HFA V3, OpenStage 15, 20E, 20, and 40 and OpenScape Desk Phone IP 35G HFA V3, and OpenScape Desk Phone IP 35G Eco HFA V3 use non-unique X.509 certificates and SSH host keys. Many embedded devices are not unique X.509 Certificate and SSH Spoofing and intermediary because host key is used (man-in-the-middle) There is a possibility of being attacked and attacks such as decryption of communication contents. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehböck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. Certificate https://www.sec-consult.com/download/certificates.html SSH Host key https://www.sec-consult.com/download/ssh_host_keys.html SEC Consult http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.htmlA remote attacker impersonates a user or intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. As a result, confidential information may be leaked. UnifyOpenStage60 and so on are all IP phones from Unify. A remote attacker could exploit the vulnerability to exploit a man-in-the-middle attack or decrypt communication between legitimate users and devices

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201709-0051",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "openscape desk phone ip 35g hfa",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "unify",
            "version": "3.0"
          },
          {
            "model": "openscape desk phone ip 55g sip",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "unify",
            "version": "3.0"
          },
          {
            "model": "openstage 60",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "unify",
            "version": "3.0"
          },
          {
            "model": "openstage 20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "unify",
            "version": "3.0"
          },
          {
            "model": "openscape desk phone ip 35g eco sip",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "unify",
            "version": "3.0"
          },
          {
            "model": "openstage 40",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "unify",
            "version": "3.0"
          },
          {
            "model": "openscape desk phone ip 55g hfa",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "unify",
            "version": "3.0"
          },
          {
            "model": "openstage 20e",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "unify",
            "version": "3.0"
          },
          {
            "model": "openscape desk phone ip 35g sip",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "unify",
            "version": "3.0"
          },
          {
            "model": "openstage 15",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "unify",
            "version": "3.0"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "general electric",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netcomm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "unify",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zte",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "c1000z",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "fr1000z",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "gs1900-24",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "gs1900-8",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1100-n",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1100-nh",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1121-ni",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1123-ac",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1123-ni",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "p-660hn-51",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "p-663hn-51",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "p8702n",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "pmg5318-b20a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "q1000",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "sbg3300-n000",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "sbg3300-nb00",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "sbg3500-n000",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg1312-b10a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg1312-b30a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg1312-b30b",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg4380-b10a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg8324-b10a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg8924-b10a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg8924-b30a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vsg1435-b101",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "",
            "scope": null,
            "trust": 0.8,
            "vendor": "multiple vendors",
            "version": null
          },
          {
            "model": "openstage",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "unify",
            "version": "60"
          },
          {
            "model": "openscape desk phone ip 55g sip",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "unify",
            "version": "v3"
          },
          {
            "model": "openscape desk phone ip 35g sip",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "unify",
            "version": "v3"
          },
          {
            "model": "openstage",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "unify",
            "version": "40"
          },
          {
            "model": "openstage",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "unify",
            "version": "20"
          },
          {
            "model": "openstage 20e",
            "scope": null,
            "trust": 0.6,
            "vendor": "unify",
            "version": null
          },
          {
            "model": "openstage",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "unify",
            "version": "15"
          },
          {
            "model": "openscape desk phone ip 55g hfa",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "unify",
            "version": "v3"
          },
          {
            "model": "openscape desk phone ip 35g hfa",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "unify",
            "version": "v3"
          },
          {
            "model": "openscape desk phone ip 35g eco hfa",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "unify",
            "version": "v3"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-33799"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-1157"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-8251"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:zyxel:c1000z_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:fr1000z_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:gs1900-24_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:gs1900-8_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1100-n_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1100-nh_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1121-ni_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1123-ac_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1123-ni_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:p-660hn-51_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:p-663hn-51_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:p8702n_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:pmg5318-b20a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:q1000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:sbg3300-n000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:sbg3300-nb00_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:sbg3500-n000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg1312-b10a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg1312-b30a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg1312-b30b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg4380-b10a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg8324-b10a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg8924-b10a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg8924-b30a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vsg1435-b101_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:misc:multiple_vendors",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          }
        ]
      },
      "cve": "CVE-2015-8251",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2015-8251",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2015-8251",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2017-33799",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-86212",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.2,
                "id": "CVE-2015-8251",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-8251",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-8251",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-33799",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201709-1157",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-86212",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-33799"
          },
          {
            "db": "VULHUB",
            "id": "VHN-86212"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-1157"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-8251"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "OpenStage 60 and OpenScape Desk Phone IP 55G SIP V3, OpenStage 15, 20E, 20 and 40 and OpenScape Desk Phone IP 35G SIP V3, OpenScape Desk Phone IP 35G Eco SIP V3, OpenStage 60 and OpenScape Desk Phone IP 55G HFA V3, OpenStage 15, 20E, 20, and 40 and OpenScape Desk Phone IP 35G HFA V3, and OpenScape Desk Phone IP 35G Eco HFA V3 use non-unique X.509 certificates and SSH host keys. Many embedded devices are not unique X.509 Certificate and SSH Spoofing and intermediary because host key is used (man-in-the-middle) There is a possibility of being attacked and attacks such as decryption of communication contents. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehb\u0026#246;ck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. Certificate https://www.sec-consult.com/download/certificates.html SSH Host key https://www.sec-consult.com/download/ssh_host_keys.html SEC Consult http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.htmlA remote attacker impersonates a user or intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. As a result, confidential information may be leaked. UnifyOpenStage60 and so on are all IP phones from Unify. A remote attacker could exploit the vulnerability to exploit a man-in-the-middle attack or decrypt communication between legitimate users and devices",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-8251"
          },
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-33799"
          },
          {
            "db": "VULHUB",
            "id": "VHN-86212"
          }
        ],
        "trust": 2.97
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#566724",
            "trust": 3.9
          },
          {
            "db": "NVD",
            "id": "CVE-2015-8251",
            "trust": 3.1
          },
          {
            "db": "JVN",
            "id": "JVNVU96100360",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-1157",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-33799",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "84118",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-86212",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-33799"
          },
          {
            "db": "VULHUB",
            "id": "VHN-86212"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-1157"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-8251"
          }
        ]
      },
      "id": "VAR-201709-0051",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-33799"
          },
          {
            "db": "VULHUB",
            "id": "VHN-86212"
          }
        ],
        "trust": 1.192671785
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-33799"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:21:26.580000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Zyxel to Fix SSH Private Key and Certificate Vulnerability (CVE-2015-7256)",
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-86212"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-8251"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://www.kb.cert.org/vuls/id/566724"
          },
          {
            "trust": 1.7,
            "url": "https://networks.unify.com/security/advisories/obso-1511-02-a.pdf"
          },
          {
            "trust": 1.7,
            "url": "https://networks.unify.com/security/advisories/obso-1511-02.pdf"
          },
          {
            "trust": 1.7,
            "url": "https://www.kb.cert.org/vuls/id/bluu-a2ppze"
          },
          {
            "trust": 1.6,
            "url": "http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.html"
          },
          {
            "trust": 0.8,
            "url": "http://blog.sec-consult.com/2016/09/house-of-keys-9-months-later-40-worse.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.sec-consult.com/download/certificates.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.sec-consult.com/download/ssh_host_keys.html"
          },
          {
            "trust": 0.8,
            "url": "https://scans.io/"
          },
          {
            "trust": 0.8,
            "url": "https://scans.io/series/ssh-rsa-full-ipv4"
          },
          {
            "trust": 0.8,
            "url": "https://scans.io/study/sonar.ssl"
          },
          {
            "trust": 0.8,
            "url": "https://censys.io"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6358"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7255"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7256"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7276"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8251"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu96100360/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7256"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-6358"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7255"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7276"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-8251"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-33799"
          },
          {
            "db": "VULHUB",
            "id": "VHN-86212"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-1157"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-8251"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-33799"
          },
          {
            "db": "VULHUB",
            "id": "VHN-86212"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-1157"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-8251"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-11-25T00:00:00",
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "date": "2017-11-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-33799"
          },
          {
            "date": "2017-09-25T00:00:00",
            "db": "VULHUB",
            "id": "VHN-86212"
          },
          {
            "date": "2016-02-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "date": "2017-09-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-1157"
          },
          {
            "date": "2017-09-25T21:29:00.913000",
            "db": "NVD",
            "id": "CVE-2015-8251"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-09-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "date": "2017-11-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-33799"
          },
          {
            "date": "2017-10-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-86212"
          },
          {
            "date": "2018-02-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "date": "2017-11-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-1157"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2015-8251"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-1157"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Embedded devices use non-unique X.509 certificates and SSH host keys",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-1157"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0035

    Vulnerability from variot - Updated: 2025-04-20 23:21

    Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehböck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. Certificate https://www.sec-consult.com/download/certificates.html SSH Host key https://www.sec-consult.com/download/ssh_host_keys.html SEC Consult http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.htmlA remote attacker impersonates a user or intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. As a result, confidential information may be leaked. The Cisco RV320 Dual Gigabit WAN VPN is a router product from Cisco Systems, USA. Multiple Cisco Products are prone to an information-disclosure vulnerability. Successful exploits will lead to other attacks. This issue is being tracked by Cisco Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913. The flaw stems from the fact that the program does not generate unique keys and certificates

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0035",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "srp520-u",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.6"
          },
          {
            "model": "rv180w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.5.4"
          },
          {
            "model": "srp520",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.01.29"
          },
          {
            "model": "spa400",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.2.2"
          },
          {
            "model": "wap4410n",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.0.7.8"
          },
          {
            "model": "rv220w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.4.17"
          },
          {
            "model": "pvc2300",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.2.6"
          },
          {
            "model": "rv120w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.5.9"
          },
          {
            "model": "wrv210",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.0.1.5"
          },
          {
            "model": "rvs4000",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.0.3.4"
          },
          {
            "model": "wrv200",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.39"
          },
          {
            "model": "wvc2300",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.2.6"
          },
          {
            "model": "srw224p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.0.2.4"
          },
          {
            "model": "wap2000",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.0.8.0"
          },
          {
            "model": "rv180",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.5.4"
          },
          {
            "model": "wrp500",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.002"
          },
          {
            "model": "wap4400n",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rtp300",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.1.24"
          },
          {
            "model": "wrvs4400n",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.0.2.2"
          },
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "wap200",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.0.6.0"
          },
          {
            "model": "wet200",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.0.8.0"
          },
          {
            "model": "rv315w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.01.03"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "general electric",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netcomm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "unify",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zte",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "c1000z",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "fr1000z",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "gs1900-24",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "gs1900-8",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1100-n",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1100-nh",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1121-ni",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1123-ac",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1123-ni",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "p-660hn-51",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "p-663hn-51",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "p8702n",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "pmg5318-b20a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "q1000",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "sbg3300-n000",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "sbg3300-nb00",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "sbg3500-n000",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg1312-b10a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg1312-b30a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg1312-b30b",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg4380-b10a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg8324-b10a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg8924-b10a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg8924-b30a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vsg1435-b101",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "",
            "scope": null,
            "trust": 0.8,
            "vendor": "multiple vendors",
            "version": null
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rvs4000 4-port gigabit security router vpn",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "wrv210 wireless-g vpn router rangebooster",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "wap4410n wireless-n access point poe/advanced security",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "wrv200 wireless-g vpn router rangebooster",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "wrvs4400n wireless",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "srw224p",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "2.0.2.4"
          },
          {
            "model": "wap4400n",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "wvc2300",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "1.1.2.6"
          },
          {
            "model": "rv180",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "1.0.5.4"
          },
          {
            "model": "wap200",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "2.0.6.0"
          },
          {
            "model": "wrvs4400n",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "2.0.2.2"
          },
          {
            "model": "rv180w",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "1.0.5.4"
          },
          {
            "model": "wap2000",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "2.0.8.0"
          },
          {
            "model": "pvc2300",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "1.1.2.6"
          },
          {
            "model": "wet200",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "2.0.8.0"
          },
          {
            "model": "wvc2300 wireless-g business internet video camera audio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "model": "wrvs4400n wireless-n gigabit security router vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-2.0"
          },
          {
            "model": "wrv210 wireless-g vpn router rangebooster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "model": "wrv200 wireless-g vpn router rangebooster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "model": "wrp500 wireless-ac broadband router with phone ports",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "20"
          },
          {
            "model": "wet200 wireless-g business ethernet bridge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "wap4410n wireless-n access point poe/advanced security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "model": "wap4400n wireless-n access point poe",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "model": "wap2000 wireless-g access point poe",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "model": "wap200 wireless-g access point poe/rangebooster",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "model": "srw224p 24-port 2-port gigabit switch webview/poe",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "10/100+-0"
          },
          {
            "model": "spa400 internet telephony gateway with fxo ports",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40"
          },
          {
            "model": "small business srp520-u models",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "small business srp520 models",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "rvs4000 4-port gigabit security router vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "model": "rv325 dual wan gigabit vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "rv315w wireless-n vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "rv220w wireless network security firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "rv180w wireless-n multifunction vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "rv180 vpn router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "rv120w wireless-n vpn firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "rtp300 broadband router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "pvc2300 business internet video camera audio/poe",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-07863"
          },
          {
            "db": "BID",
            "id": "78047"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201511-426"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6358"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:zyxel:c1000z_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:fr1000z_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:gs1900-24_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:gs1900-8_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1100-n_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1100-nh_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1121-ni_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1123-ac_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1123-ni_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:p-660hn-51_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:p-663hn-51_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:p8702n_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:pmg5318-b20a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:q1000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:sbg3300-n000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:sbg3300-nb00_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:sbg3500-n000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg1312-b10a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg1312-b30a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg1312-b30b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg4380-b10a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg8324-b10a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg8924-b10a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg8924-b30a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vsg1435-b101_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:misc:multiple_vendors",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Stefan Viehb\u00f6ck of SEC Consult.",
        "sources": [
          {
            "db": "BID",
            "id": "78047"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2015-6358",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2015-6358",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2015-6358",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2015-07863",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-84319",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.2,
                "id": "CVE-2015-6358",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-6358",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-6358",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2015-07863",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201511-426",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-84319",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2015-07863"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84319"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201511-426"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6358"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehb\u0026#246;ck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. Certificate https://www.sec-consult.com/download/certificates.html SSH Host key https://www.sec-consult.com/download/ssh_host_keys.html SEC Consult http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.htmlA remote attacker impersonates a user or intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. As a result, confidential information may be leaked. The Cisco RV320 Dual Gigabit WAN VPN is a router product from Cisco Systems, USA. Multiple Cisco Products are prone to an information-disclosure vulnerability. Successful exploits will lead to other attacks. \nThis issue is being tracked by Cisco Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913. The flaw stems from the fact that the program does not generate unique keys and certificates",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-6358"
          },
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-07863"
          },
          {
            "db": "BID",
            "id": "78047"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84319"
          }
        ],
        "trust": 3.24
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#566724",
            "trust": 3.6
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6358",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "78047",
            "trust": 2.0
          },
          {
            "db": "SECTRACK",
            "id": "1034257",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1034255",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1034258",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1034256",
            "trust": 1.7
          },
          {
            "db": "JVN",
            "id": "JVNVU96100360",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201511-426",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-07863",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-84319",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-07863"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84319"
          },
          {
            "db": "BID",
            "id": "78047"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201511-426"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6358"
          }
        ]
      },
      "id": "VAR-201710-0035",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2015-07863"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84319"
          }
        ],
        "trust": 1.365750996923077
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2015-07863"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:21:26.541000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Zyxel to Fix SSH Private Key and Certificate Vulnerability (CVE-2015-7256)",
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml"
          },
          {
            "title": "Patches for multiple Cisco product information disclosure vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/67387"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2015-07863"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-295",
            "trust": 1.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-84319"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6358"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.8,
            "url": "http://www.kb.cert.org/vuls/id/566724"
          },
          {
            "trust": 2.6,
            "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151125-ci"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/78047"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1034255"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1034256"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1034257"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1034258"
          },
          {
            "trust": 1.6,
            "url": "http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.html"
          },
          {
            "trust": 0.8,
            "url": "http://blog.sec-consult.com/2016/09/house-of-keys-9-months-later-40-worse.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.sec-consult.com/download/certificates.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.sec-consult.com/download/ssh_host_keys.html"
          },
          {
            "trust": 0.8,
            "url": "https://scans.io/"
          },
          {
            "trust": 0.8,
            "url": "https://scans.io/series/ssh-rsa-full-ipv4"
          },
          {
            "trust": 0.8,
            "url": "https://scans.io/study/sonar.ssl"
          },
          {
            "trust": 0.8,
            "url": "https://censys.io"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6358"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7255"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7256"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7276"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8251"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu96100360/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7256"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-6358"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7255"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7276"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-8251"
          },
          {
            "trust": 0.3,
            "url": "http://www.cisco.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/bluu-a2nqxj"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-07863"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84319"
          },
          {
            "db": "BID",
            "id": "78047"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201511-426"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6358"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-07863"
          },
          {
            "db": "VULHUB",
            "id": "VHN-84319"
          },
          {
            "db": "BID",
            "id": "78047"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201511-426"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-6358"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-11-25T00:00:00",
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "date": "2015-12-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2015-07863"
          },
          {
            "date": "2017-10-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-84319"
          },
          {
            "date": "2015-11-25T00:00:00",
            "db": "BID",
            "id": "78047"
          },
          {
            "date": "2016-02-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "date": "2015-11-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201511-426"
          },
          {
            "date": "2017-10-12T15:29:00.217000",
            "db": "NVD",
            "id": "CVE-2015-6358"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-09-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "date": "2015-12-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2015-07863"
          },
          {
            "date": "2017-11-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-84319"
          },
          {
            "date": "2015-11-25T00:00:00",
            "db": "BID",
            "id": "78047"
          },
          {
            "date": "2018-02-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "date": "2017-10-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201511-426"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2015-6358"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201511-426"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Embedded devices use non-unique X.509 certificates and SSH host keys",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201511-426"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201709-0027

    Vulnerability from variot - Updated: 2025-04-20 23:21

    ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys. Many embedded devices are not unique X.509 Certificate and SSH Spoofing and intermediary because host key is used (man-in-the-middle) There is a possibility of being attacked and attacks such as decryption of communication contents. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehböck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. Certificate https://www.sec-consult.com/download/certificates.html SSH Host key https://www.sec-consult.com/download/ssh_host_keys.html SEC Consult http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.htmlA remote attacker impersonates a user or intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. As a result, confidential information may be leaked. ZyXEL Access Point NWA1100-N is a wireless network receiving device from ZyXEL Technology. Multiple ZyXEL Products are prone to an information-disclosure vulnerability. Successful exploits will lead to other attacks

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201709-0027",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "gs1900-8",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "gs1900-24",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "sbg3500-n000",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "p8702n",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "pmg5318-b20a",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "c1000z",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "q1000",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "sbg3300-nb00",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "fr1000z",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "sbg3300-n000",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg4380-b10a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1123-ac",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg1312-b30b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vsg1435-b101",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1123-ni",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg1312-b30a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1121-ni",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg8924-b30a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg1312-b10a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1100-nh",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1100-n",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg8924-b10a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "p-660hn-51",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "p-663hn-51",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg8324-b10a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "access point nwa1100-n",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "access point nwa1100-nh",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "access point nwa1123-ac",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "access point nwa1121-ni",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "dsl cpe p-660hn-51",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "dsl cpe p-663hn-51",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "dsl cpe vmg1312-b10a",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "dsl cpe vmg1312-b30a",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "dsl cpe vmg1312-b30b",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "dsl cpe vmg4380-b10a",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "dsl cpe vmg8324-b10a",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "dsl cpe vmg8924-b10a",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "dsl cpe vmg8924-b30a",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "dsl cpe vsg1435-b101",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "gpon pmg1006-b20a",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "gpon pmg5318-b20a",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "small business gateway sbg3300-n000",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "small business gateway sbg3300-nb00",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "small business gateway sbg3500-n000",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "switch gs1900-8",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "switch gs1900-24",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "wimax max208m2w",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "wimax max218m2w",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "wimax max218mw",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "wimax max308m",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "project model c1000z",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "project model q1000",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "project model fr1000z",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "project model p8702n",
            "scope": null,
            "trust": 0.9,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "general electric",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netcomm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "unify",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zte",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "c1000z",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "fr1000z",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "gs1900-24",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "gs1900-8",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1100-n",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1100-nh",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1121-ni",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1123-ac",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1123-ni",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "p-660hn-51",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "p-663hn-51",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "p8702n",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "pmg5318-b20a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "q1000",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "sbg3300-n000",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "sbg3300-nb00",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "sbg3500-n000",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg1312-b10a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg1312-b30a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg1312-b30b",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg4380-b10a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg8324-b10a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg8924-b10a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg8924-b30a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vsg1435-b101",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "",
            "scope": null,
            "trust": 0.8,
            "vendor": "multiple vendors",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-08082"
          },
          {
            "db": "BID",
            "id": "78214"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-204"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7256"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:zyxel:c1000z_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:fr1000z_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:gs1900-24_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:gs1900-8_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1100-n_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1100-nh_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1121-ni_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1123-ac_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1123-ni_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:p-660hn-51_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:p-663hn-51_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:p8702n_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:pmg5318-b20a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:q1000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:sbg3300-n000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:sbg3300-nb00_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:sbg3500-n000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg1312-b10a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg1312-b30a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg1312-b30b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg4380-b10a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg8324-b10a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg8924-b10a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg8924-b30a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vsg1435-b101_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:misc:multiple_vendors",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Stefan Viehb?ck of SEC Consult.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-204"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2015-7256",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2015-7256",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2015-7256",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2015-08082",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-85217",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.2,
                "id": "CVE-2015-7256",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-7256",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-7256",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2015-08082",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201512-204",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-85217",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2015-08082"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85217"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-204"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7256"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys. Many embedded devices are not unique X.509 Certificate and SSH Spoofing and intermediary because host key is used (man-in-the-middle) There is a possibility of being attacked and attacks such as decryption of communication contents. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehb\u0026#246;ck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. Certificate https://www.sec-consult.com/download/certificates.html SSH Host key https://www.sec-consult.com/download/ssh_host_keys.html SEC Consult http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.htmlA remote attacker impersonates a user or intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. As a result, confidential information may be leaked. ZyXEL Access Point NWA1100-N is a wireless network receiving device from ZyXEL Technology. Multiple ZyXEL Products are prone to an information-disclosure vulnerability. Successful exploits will lead to other attacks",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-7256"
          },
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-08082"
          },
          {
            "db": "BID",
            "id": "78214"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85217"
          }
        ],
        "trust": 3.24
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#566724",
            "trust": 3.6
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7256",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "78214",
            "trust": 1.6
          },
          {
            "db": "JVN",
            "id": "JVNVU96100360",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-204",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-08082",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-85217",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-08082"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85217"
          },
          {
            "db": "BID",
            "id": "78214"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-204"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7256"
          }
        ]
      },
      "id": "VAR-201709-0027",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2015-08082"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85217"
          }
        ],
        "trust": 1.4433235866666667
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2015-08082"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:21:26.498000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Zyxel to Fix SSH Private Key and Certificate Vulnerability (CVE-2015-7256)",
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml"
          },
          {
            "title": "Patches for multiple ZyXEL product information disclosure vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/68153"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2015-08082"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-310",
            "trust": 1.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-85217"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7256"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.8,
            "url": "http://www.kb.cert.org/vuls/id/566724"
          },
          {
            "trust": 2.0,
            "url": "http://www.zyxel.com/support/announcement_ssh_private_key_and_certificate_vulnerability.shtml"
          },
          {
            "trust": 1.6,
            "url": "http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.html"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/bid/78214"
          },
          {
            "trust": 0.8,
            "url": "http://blog.sec-consult.com/2016/09/house-of-keys-9-months-later-40-worse.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.sec-consult.com/download/certificates.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.sec-consult.com/download/ssh_host_keys.html"
          },
          {
            "trust": 0.8,
            "url": "https://scans.io/"
          },
          {
            "trust": 0.8,
            "url": "https://scans.io/series/ssh-rsa-full-ipv4"
          },
          {
            "trust": 0.8,
            "url": "https://scans.io/study/sonar.ssl"
          },
          {
            "trust": 0.8,
            "url": "https://censys.io"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6358"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7255"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7256"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7276"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8251"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu96100360/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7256"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-6358"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7255"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7276"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-8251"
          },
          {
            "trust": 0.3,
            "url": "http://www.zyxel.com/th/th/"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/bluu-a2nqyp"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-08082"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85217"
          },
          {
            "db": "BID",
            "id": "78214"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-204"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7256"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2015-08082"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85217"
          },
          {
            "db": "BID",
            "id": "78214"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-204"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7256"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-11-25T00:00:00",
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "date": "2015-12-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2015-08082"
          },
          {
            "date": "2017-09-28T00:00:00",
            "db": "VULHUB",
            "id": "VHN-85217"
          },
          {
            "date": "2015-11-25T00:00:00",
            "db": "BID",
            "id": "78214"
          },
          {
            "date": "2016-02-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "date": "2015-11-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201512-204"
          },
          {
            "date": "2017-09-28T01:29:00.670000",
            "db": "NVD",
            "id": "CVE-2015-7256"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-09-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "date": "2015-12-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2015-08082"
          },
          {
            "date": "2017-10-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-85217"
          },
          {
            "date": "2015-11-25T00:00:00",
            "db": "BID",
            "id": "78214"
          },
          {
            "date": "2018-02-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "date": "2015-12-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201512-204"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2015-7256"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-204"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Embedded devices use non-unique X.509 certificates and SSH host keys",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "encryption problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-204"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201708-0143

    Vulnerability from variot - Updated: 2025-04-20 23:21

    ZTE OX-330P, ZXHN H108N, W300V1.0.0S_ZRD_TR1_D68, HG110, GAN9.8T101A-B, MF28G, ZXHN H108N use non-unique X.509 certificates and SSH host keys, which might allow remote attackers to obtain credentials or other sensitive information via a man-in-the-middle attack, passive decryption attack, or impersonating a legitimate device. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehböck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. As a result, confidential information may be leaked. ZTEOX-330P and others are wireless router products of China ZTE Corporation (ZTE). An information disclosure vulnerability exists in several ZTE products. The following products are affected: ZTE OX-330P; ZXHN H108N; W300V1.0.0S_ZRD_TR1_D68; HG110; GAN9.8T101A-B; MF28G;

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201708-0143",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mf28g",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "zte",
            "version": null
          },
          {
            "model": "hg110",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "zte",
            "version": null
          },
          {
            "model": "zxhn h108n",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "zte",
            "version": null
          },
          {
            "model": "gan9.8t101a-b",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "zte",
            "version": null
          },
          {
            "model": "ox-330p",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "zte",
            "version": null
          },
          {
            "model": "w300v1.0.0s zrd tr1 d68",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "zte",
            "version": null
          },
          {
            "model": "zxhn h108n",
            "scope": null,
            "trust": 1.2,
            "vendor": "zte",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "general electric",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netcomm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "unify",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zte",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "c1000z",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "fr1000z",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "gs1900-24",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "gs1900-8",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1100-n",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1100-nh",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1121-ni",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1123-ac",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "nwa1123-ni",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "p-660hn-51",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "p-663hn-51",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "p8702n",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "pmg5318-b20a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "q1000",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "sbg3300-n000",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "sbg3300-nb00",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "sbg3500-n000",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg1312-b10a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg1312-b30a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg1312-b30b",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg4380-b10a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg8324-b10a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg8924-b10a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vmg8924-b30a",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "vsg1435-b101",
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": "",
            "scope": null,
            "trust": 0.8,
            "vendor": "multiple vendors",
            "version": null
          },
          {
            "model": "ox-330p",
            "scope": null,
            "trust": 0.6,
            "vendor": "zte",
            "version": null
          },
          {
            "model": "w300v1.0.0s zrd tr1 d68",
            "scope": null,
            "trust": 0.6,
            "vendor": "zte",
            "version": null
          },
          {
            "model": "hg110",
            "scope": null,
            "trust": 0.6,
            "vendor": "zte",
            "version": null
          },
          {
            "model": "gan9.8t101a-b",
            "scope": null,
            "trust": 0.6,
            "vendor": "zte",
            "version": null
          },
          {
            "model": "mf28g",
            "scope": null,
            "trust": 0.6,
            "vendor": "zte",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-33516"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1334"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7255"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:zyxel:c1000z_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:fr1000z_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:gs1900-24_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:gs1900-8_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1100-n_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1100-nh_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1121-ni_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1123-ac_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:nwa1123-ni_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:p-660hn-51_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:p-663hn-51_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:p8702n_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:pmg5318-b20a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:q1000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:sbg3300-n000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:sbg3300-nb00_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:sbg3500-n000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg1312-b10a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg1312-b30a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg1312-b30b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg4380-b10a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg8324-b10a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg8924-b10a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vmg8924-b30a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:zyxel:vsg1435-b101_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:misc:multiple_vendors",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          }
        ]
      },
      "cve": "CVE-2015-7255",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2015-7255",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-33516",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-85216",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2015-7255",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-7255",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-7255",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-33516",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201708-1334",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-85216",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-33516"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85216"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1334"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7255"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "ZTE OX-330P, ZXHN H108N, W300V1.0.0S_ZRD_TR1_D68, HG110, GAN9.8T101A-B, MF28G, ZXHN H108N use non-unique X.509 certificates and SSH host keys, which might allow remote attackers to obtain credentials or other sensitive information via a man-in-the-middle attack, passive decryption attack, or impersonating a legitimate device. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehb\u0026#246;ck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. As a result, confidential information may be leaked. ZTEOX-330P and others are wireless router products of China ZTE Corporation (ZTE). An information disclosure vulnerability exists in several ZTE products. The following products are affected: ZTE OX-330P; ZXHN H108N; W300V1.0.0S_ZRD_TR1_D68; HG110; GAN9.8T101A-B; MF28G;",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-7255"
          },
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-33516"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85216"
          }
        ],
        "trust": 2.97
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#566724",
            "trust": 3.9
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7255",
            "trust": 3.1
          },
          {
            "db": "JVN",
            "id": "JVNVU96100360",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1334",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-33516",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-85216",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-33516"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85216"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1334"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7255"
          }
        ]
      },
      "id": "VAR-201708-0143",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-33516"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85216"
          }
        ],
        "trust": 1.28941403
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-33516"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:21:26.460000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Zyxel to Fix SSH Private Key and Certificate Vulnerability (CVE-2015-7256)",
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-85216"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7255"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://www.kb.cert.org/vuls/id/566724"
          },
          {
            "trust": 1.7,
            "url": "https://www.kb.cert.org/vuls/id/bluu-a2nqyr"
          },
          {
            "trust": 1.6,
            "url": "http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.html"
          },
          {
            "trust": 1.6,
            "url": "https://github.com/sec-consult/houseofkeys/search?p=3\u0026q=zte\u0026type=\u0026utf8=%e2%9c%93"
          },
          {
            "trust": 0.8,
            "url": "http://blog.sec-consult.com/2016/09/house-of-keys-9-months-later-40-worse.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.sec-consult.com/download/certificates.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.sec-consult.com/download/ssh_host_keys.html"
          },
          {
            "trust": 0.8,
            "url": "https://scans.io/"
          },
          {
            "trust": 0.8,
            "url": "https://scans.io/series/ssh-rsa-full-ipv4"
          },
          {
            "trust": 0.8,
            "url": "https://scans.io/study/sonar.ssl"
          },
          {
            "trust": 0.8,
            "url": "https://censys.io"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6358"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7255"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7256"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7276"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8251"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu96100360/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7256"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-6358"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7255"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7276"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-8251"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/sec-consult/houseofkeys/search?p=3\u0026amp;q=zte\u0026amp;type=\u0026amp;utf8=%e2%9c%93"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-33516"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85216"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1334"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7255"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-33516"
          },
          {
            "db": "VULHUB",
            "id": "VHN-85216"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1334"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7255"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-11-25T00:00:00",
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "date": "2017-11-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-33516"
          },
          {
            "date": "2017-08-29T00:00:00",
            "db": "VULHUB",
            "id": "VHN-85216"
          },
          {
            "date": "2016-02-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "date": "2017-08-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-1334"
          },
          {
            "date": "2017-08-29T15:29:00.517000",
            "db": "NVD",
            "id": "CVE-2015-7255"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-09-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#566724"
          },
          {
            "date": "2017-11-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-33516"
          },
          {
            "date": "2017-09-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-85216"
          },
          {
            "date": "2018-02-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-006907"
          },
          {
            "date": "2017-10-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-1334"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2015-7255"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1334"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Embedded devices use non-unique X.509 certificates and SSH host keys",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#566724"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1334"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201704-0602

    Vulnerability from variot - Updated: 2025-04-20 23:05

    Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. The Technicolor (formerly Cisco) DPC3928SL with firmware D3928SL-P15-13-A386-c3420r55105-160127a could be reached by any SNMP community string from the Internet; also, you can write in the MIB because it provides write properties, aka Stringbleed. NOTE: the string-bleed/StringBleed-CVE-2017-5135 GitHub repository is not a valid reference as of 2017-04-27; it contains Trojan horse code purported to exploit this vulnerability. Technicolor ( Old Cisco) DPC3928SL There is an access control vulnerability in the firmware. In addition, GitHub Repository string-bleed/StringBleed-CVE-2017-5135 Is 2017 Year 4 Moon 27 Not valid as of the day. It may contain trojan code that exploits this vulnerability.Information may be obtained and information may be altered. Technicolor DPC3928SL is prone to an authentication-bypass vulnerability. Exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. Technicolor DPC3928SL is a cable modem from the French Technicolor Group. A remote attacker could exploit this vulnerability to bypass access controls and execute code

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201704-0602",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "dpc3928sl",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "technicolor",
            "version": "d3928sl-p15-13-a386-c3420r55105-160127a"
          },
          {
            "model": "dpc3928sl d3928sl-p15-13-a386-",
            "scope": null,
            "trust": 0.3,
            "vendor": "technicolor",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "98092"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003673"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-1498"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5135"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:technicolor:dpc3928sl_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003673"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Ezequiel Fernandez (Argentina) and Bertin Bervis (Costa Rica).",
        "sources": [
          {
            "db": "BID",
            "id": "98092"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-5135",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2017-5135",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-113338",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-5135",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-5135",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-5135",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201704-1498",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-113338",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-5135",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-113338"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5135"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003673"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-1498"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5135"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. The Technicolor (formerly Cisco) DPC3928SL with firmware D3928SL-P15-13-A386-c3420r55105-160127a could be reached by any SNMP community string from the Internet; also, you can write in the MIB because it provides write properties, aka Stringbleed. NOTE: the string-bleed/StringBleed-CVE-2017-5135 GitHub repository is not a valid reference as of 2017-04-27; it contains Trojan horse code purported to exploit this vulnerability. Technicolor ( Old Cisco) DPC3928SL There is an access control vulnerability in the firmware. In addition, GitHub Repository string-bleed/StringBleed-CVE-2017-5135 Is 2017 Year 4 Moon 27 Not valid as of the day. It may contain trojan code that exploits this vulnerability.Information may be obtained and information may be altered. Technicolor DPC3928SL is prone to an authentication-bypass vulnerability. \nExploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. Technicolor DPC3928SL is a cable modem from the French Technicolor Group. A remote attacker could exploit this vulnerability to bypass access controls and execute code",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-5135"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003673"
          },
          {
            "db": "BID",
            "id": "98092"
          },
          {
            "db": "VULHUB",
            "id": "VHN-113338"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5135"
          }
        ],
        "trust": 2.07
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-113338",
            "trust": 0.1,
            "type": "unknown"
          },
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=43384",
            "trust": 0.1,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-113338"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5135"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "98092",
            "trust": 2.9
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5135",
            "trust": 2.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003673",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-1498",
            "trust": 0.7
          },
          {
            "db": "EXPLOIT-DB",
            "id": "43384",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-113338",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5135",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-113338"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5135"
          },
          {
            "db": "BID",
            "id": "98092"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003673"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-1498"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5135"
          }
        ]
      },
      "id": "VAR-201704-0602",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-113338"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2025-04-20T23:05:10.165000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.technicolor.com/"
          },
          {
            "title": "Brocade Security Advisories: BSA-2017-316",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories\u0026qid=c2dee36877418c50b2cd2d6753b1608f"
          },
          {
            "title": "MS17-010",
            "trust": 0.1,
            "url": "https://github.com/oneplus-x/MS17-010 "
          },
          {
            "title": "awesome-hacking-lists",
            "trust": 0.1,
            "url": "https://github.com/udpsec/awesome-hacking-lists "
          },
          {
            "title": "awesome-hacking-lists",
            "trust": 0.1,
            "url": "https://github.com/NetW0rK1le3r/awesome-hacking-lists "
          },
          {
            "title": "awesome-hacking-lists",
            "trust": 0.1,
            "url": "https://github.com/taielab/awesome-hacking-lists "
          },
          {
            "title": "Exp101tsArchiv30thers",
            "trust": 0.1,
            "url": "https://github.com/nu11secur1ty/Exp101tsArchiv30thers "
          },
          {
            "title": "awesome-cve-poc_qazbnm456",
            "trust": 0.1,
            "url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
          },
          {
            "title": "BleepingComputer",
            "trust": 0.1,
            "url": "https://www.bleepingcomputer.com/news/security/several-cable-modem-models-affected-by-snmp-god-mode-flaw/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-5135"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003673"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-284",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-113338"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003673"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5135"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://stringbleed.github.io/"
          },
          {
            "trust": 2.1,
            "url": "https://www.reddit.com/r/netsec/comments/67qt6u/cve_20175135_snmp_authentication_bypass/"
          },
          {
            "trust": 1.9,
            "url": "http://www.securityfocus.com/bid/98092"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5135"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5135"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/98092/info"
          },
          {
            "trust": 0.3,
            "url": "http://www.technicolorbroadbandpartner.com/"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/string-bleed/stringbleed-cve-2017-5135"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://www.exploit-db.com/exploits/43384/"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/oneplus-x/ms17-010"
          },
          {
            "trust": 0.1,
            "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-316/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-113338"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5135"
          },
          {
            "db": "BID",
            "id": "98092"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003673"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-1498"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5135"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-113338"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-5135"
          },
          {
            "db": "BID",
            "id": "98092"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003673"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-1498"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-5135"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-04-27T00:00:00",
            "db": "VULHUB",
            "id": "VHN-113338"
          },
          {
            "date": "2017-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-5135"
          },
          {
            "date": "2017-04-04T00:00:00",
            "db": "BID",
            "id": "98092"
          },
          {
            "date": "2017-06-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-003673"
          },
          {
            "date": "2017-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201704-1498"
          },
          {
            "date": "2017-04-27T15:59:00.150000",
            "db": "NVD",
            "id": "CVE-2017-5135"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-113338"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-5135"
          },
          {
            "date": "2017-05-02T00:11:00",
            "db": "BID",
            "id": "98092"
          },
          {
            "date": "2017-06-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-003673"
          },
          {
            "date": "2019-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201704-1498"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-5135"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-1498"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Technicolor DPC3928SL Vulnerabilities related to access control in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003673"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "access control error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-1498"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201707-1026

    Vulnerability from variot - Updated: 2025-04-20 23:04

    The Time Warner firmware on Technicolor TC8717T devices sets the default Wi-Fi passphrase to a combination of the SSID and BSSID, which makes it easier for remote attackers to obtain network access by reading a beacon frame. Technicolor TC8717T Contains vulnerabilities related to security features.Information may be obtained. TechnicolorTC8717Tdevices is a router from Technicolor, France. TimeWarner is the firmware that runs in it. There is a security hole in the TimeWarner firmware on the TechnicolorTC8717T device. A remote attacker can exploit this vulnerability to gain network access by reading beacon frames

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201707-1026",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tc8717t",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "spectrum",
            "version": null
          },
          {
            "model": "tc8717t",
            "scope": null,
            "trust": 1.4,
            "vendor": "technicolor",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-19467"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006770"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201706-275"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-9522"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:technicolor:tc8717t",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006770"
          }
        ]
      },
      "cve": "CVE-2017-9522",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2017-9522",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2017-19467",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-117725",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-9522",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-9522",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-9522",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-19467",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201706-275",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-117725",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-19467"
          },
          {
            "db": "VULHUB",
            "id": "VHN-117725"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006770"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201706-275"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-9522"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The Time Warner firmware on Technicolor TC8717T devices sets the default Wi-Fi passphrase to a combination of the SSID and BSSID, which makes it easier for remote attackers to obtain network access by reading a beacon frame. Technicolor TC8717T Contains vulnerabilities related to security features.Information may be obtained. TechnicolorTC8717Tdevices is a router from Technicolor, France. TimeWarner is the firmware that runs in it. There is a security hole in the TimeWarner firmware on the TechnicolorTC8717T device. A remote attacker can exploit this vulnerability to gain network access by reading beacon frames",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-9522"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006770"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-19467"
          },
          {
            "db": "VULHUB",
            "id": "VHN-117725"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-9522",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006770",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201706-275",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-19467",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-117725",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-19467"
          },
          {
            "db": "VULHUB",
            "id": "VHN-117725"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006770"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201706-275"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-9522"
          }
        ]
      },
      "id": "VAR-201707-1026",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-19467"
          },
          {
            "db": "VULHUB",
            "id": "VHN-117725"
          }
        ],
        "trust": 1.45
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-19467"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:04:41.593000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "TC8717T - SETUP AND USER GUIDE",
            "trust": 0.8,
            "url": "https://www.timewarnercable.com/content/dam/residential/pdfs/support/internet/ModemUserGuides/technicolor-tc8717t-userguide.pdf"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006770"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-254",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-117725"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006770"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-9522"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "https://github.com/bastilleresearch/cabletap/blob/master/doc/advisories/bastille-21.default-wifi-credentials.txt"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9522"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-9522"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-19467"
          },
          {
            "db": "VULHUB",
            "id": "VHN-117725"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006770"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201706-275"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-9522"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-19467"
          },
          {
            "db": "VULHUB",
            "id": "VHN-117725"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006770"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201706-275"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-9522"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-08-08T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-19467"
          },
          {
            "date": "2017-07-31T00:00:00",
            "db": "VULHUB",
            "id": "VHN-117725"
          },
          {
            "date": "2017-09-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-006770"
          },
          {
            "date": "2017-06-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201706-275"
          },
          {
            "date": "2017-07-31T03:29:01.003000",
            "db": "NVD",
            "id": "CVE-2017-9522"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-08-08T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-19467"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-117725"
          },
          {
            "date": "2017-09-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-006770"
          },
          {
            "date": "2019-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201706-275"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-9522"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201706-275"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Technicolor TC8717T Vulnerabilities related to security functions",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006770"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201706-275"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0208

    Vulnerability from variot - Updated: 2025-04-20 23:00

    Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The IGTK group key reloading vulnerability exists in the WPA2 wireless network. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).

    An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.

    For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.

    For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.

    For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.

    We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017

    wpa vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 17.04
    • Ubuntu 16.04 LTS
    • Ubuntu 14.04 LTS

    Summary:

    Several security issues were fixed in wpa_supplicant.

    Software Description: - wpa: client support for WPA and WPA2

    Details:

    Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1

    Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2

    Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5

    After a standard system update you need to reboot your computer to make all the necessary changes.

    References: https://www.ubuntu.com/usn/usn-3455-1 CVE-2016-4476, CVE-2016-4477, CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

    Package Information: https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1 https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2 https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5

    .

    Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. This is the list of vulnerabilities that are addressed here: CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake. CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake. CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+

    Where to find the new packages: +-----------------------------+

    Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

    Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

    Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz

    Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz

    Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz

    Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz

    Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz

    MD5 signatures: +-------------+

    Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz

    Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz

    Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz

    Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz

    Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz

    Installation instructions: +------------------------+

    Upgrade the package as root:

    upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz

    +-----+

    Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

    +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    ============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project

    Topic: WPA2 protocol vulnerability

    Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

    1. Revision history

    v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.

    I.

    hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.

    II. Problem Description

    A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.

    III. Impact

    Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.

    IV. Workaround

    An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"

    and restart networking.

    An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    hostapd_program="/usr/local/sbin/hostapd"

    and restart hostapd.

    V. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    2) To update your vulnerable system via a binary patch:

    Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:

    freebsd-update fetch

    freebsd-update install

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    3) To update your vulnerable system via a source code patch:

    The following patches have been verified to apply to the applicable FreeBSD release branches.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    [FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc

    gpg --verify wpa-11.patch.asc

    [FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc

    gpg --verify wpa-10.patch.asc

    b) Apply the patch. Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    c) Recompile the operating system using buildworld and installworld as described in .

    Restart the applicable daemons, or reboot the system.

    VI. Correction details

    The following list contains the correction revision numbers for each affected branch.

    Branch/path Revision


    stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741


    To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:

    svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

    Or visit the following URL, replacing NNNNNN with the revision number:

    VII. References

    The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0208",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "linux enterprise point of sale",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "openstack cloud",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "6"
          },
          {
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.7"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "9front",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "adtran",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aerohive",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "alcatel lucent",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "android open source",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "arch linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aruba",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "barracuda",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "broadcom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cambium",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "centos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cradlepoint",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cypress semiconductor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dell",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "digi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "draytek",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "edimax computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "endian",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "espressif",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "extreme",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "f secure",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fedora",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hostap",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ipfire",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lancom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lede",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lifx",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lenovo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microchip",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mojo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nest",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opnsense",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "omnirom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "open mesh",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "peplink",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "riverbed",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rockwell automation",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "suse linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "samsung mobile",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sonos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sony",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sophos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "synology",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "tp link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "texas instruments",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba commerce",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba electronic devices storage",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba memory",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "turris omnia",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "volumio",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "watchguard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xiaomi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xirrus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zebra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dd wrt",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "eero",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pfsense",
            "version": null
          },
          {
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "model": "freebsd",
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "model": "linux enterprise desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise point of sale",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise server",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "openstack cloud",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "hostapd",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "wpa supplicant",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "edge gateway",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "model": "sr-m20ac1",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "sr-m20ac2",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "alliance wi-fi protected access 2",
            "scope": null,
            "trust": 0.6,
            "vendor": "wi fi",
            "version": null
          },
          {
            "model": "scalance w-700",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux desktop",
            "version": "12"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux server",
            "version": "11"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.1"
          },
          {
            "model": "pyxis supplystation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "sinamics smart access module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "v200"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.27.3264"
          },
          {
            "model": "meraki mr34",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ck71a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2.0"
          },
          {
            "model": "macbook air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18500"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.0"
          },
          {
            "model": "meraki mr26",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "28000"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr84",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "510x0"
          },
          {
            "model": "windows server r2 for itanium-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "contact itc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "81130"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.0.0"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr18",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.3"
          },
          {
            "model": "scalance w1750d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "secure ii med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "210x0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "aironet access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "wap371 wireless-ac n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "contact rad-80211-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "contact fl wlan dap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.25"
          },
          {
            "model": "pyxis medstation es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "wireless ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88210"
          },
          {
            "model": "pyxis stockstation system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "macbook",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.2"
          },
          {
            "model": "scalance wlc712",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "contact fl wlan spa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "meraki mr62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic et200 pro im154-6 pn iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "tropos broadband mesh routers and bridges",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "abb",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.2"
          },
          {
            "model": "meraki mr33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "micros handheld terminal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.2"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4.1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.6"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "110x0"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.4"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": "contact fl comserver wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "232/422/4850"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.8"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7."
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1.91.3272"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.9"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "230802-110"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.1"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.5"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18150"
          },
          {
            "model": "wireless client bridge 2.0.0.1-aruba501-b00",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.2"
          },
          {
            "model": "airport express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "clarity engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0"
          },
          {
            "model": "meraki mr30h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "windows server r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "contact bl2 bpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "watch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "4.0"
          },
          {
            "model": "ruggedcom rx1400",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "cn70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "pyxis parx handheld",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.40.100"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1.1"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "windows rt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.1"
          },
          {
            "model": "meraki mr42",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.6"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.3"
          },
          {
            "model": "wap561 wireless-n dual radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.26.3000"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6"
          },
          {
            "model": "tvos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2016"
          },
          {
            "model": "contact rad-whg/wlan-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.3"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.4.0"
          },
          {
            "model": "suremark printer 2nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.0.0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.8"
          },
          {
            "model": "windows server for x64-based systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "pyxis supply roller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.3"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3"
          },
          {
            "model": "telepresence collaboration endpoint",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2.61.3535"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "70xx0"
          },
          {
            "model": "imac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr72",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.25.3001"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2"
          },
          {
            "model": "meraki mr53",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "wap551 wireless-n single radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.0.0"
          },
          {
            "model": "wap121 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.5"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.0.1000"
          },
          {
            "model": "wireless client bridge 1.0.1.3-hp501-b0012",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "i.roc ci70-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.0.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1"
          },
          {
            "model": "cn70e-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.0.0.0"
          },
          {
            "model": "meraki mr24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "suremark printer 1nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "50xx0"
          },
          {
            "model": "meraki mr74",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.15"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.20"
          },
          {
            "model": "anyconnect secure mobility client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.1"
          },
          {
            "model": "systems esp32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "micros handheld terminal 2.03.0.0.021r",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "38000"
          },
          {
            "model": "pyxis parx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dx70",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1.9"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2141"
          },
          {
            "model": "pyxis anesthesia es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "aironet series officeextend access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18100"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.55.3000"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "model": "meraki mr66",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2131"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18300"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.0.50.1004"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.1.0"
          },
          {
            "model": "wap321 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic iwlan-pb/link",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "aironet 1810w series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "meraki mr52",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airmesh msr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.20"
          },
          {
            "model": "watchos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "model": "contact fl wlan ec",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.8"
          },
          {
            "model": "systems esp8266",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "pad-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.0.1205"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88610"
          },
          {
            "model": "clarity engine",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0.0.1"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15600"
          },
          {
            "model": "windows for 32-bit systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.5"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.8"
          },
          {
            "model": "windows for x64-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "meraki mr58",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.2"
          },
          {
            "model": "pyxis parassist system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "windows server for 32-bit systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "model": "simatic mobile panel 277 iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "pyxis medstation t2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.0.0"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "30xx0"
          },
          {
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.6"
          },
          {
            "model": "wireless client bridge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "5010"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.5"
          },
          {
            "model": "meraki mr11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.3"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.2"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "35000"
          },
          {
            "model": "automation stratix 15.3 jc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rockwell",
            "version": "5100"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "pyxis ciisafe workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "??0"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.0.0"
          },
          {
            "model": "ipad air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1.71.3608"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.41.3024"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "model": "dx80",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.0"
          },
          {
            "model": "contact bl2 ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "contact tpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "60130"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1"
          },
          {
            "model": "ck70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.20"
          },
          {
            "model": "macbook pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.8"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.5"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.4"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.3"
          },
          {
            "model": "tab-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "macmini",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.16"
          },
          {
            "model": "contact fl wlan epa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "airport time capsule",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "alliance wpa2 (wi-fi protected access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wi fi",
            "version": "2)0"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.9"
          },
          {
            "model": "scalance wlc711",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "ruggedcom rs9xxw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.15"
          },
          {
            "model": "networks unifi access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubiquiti",
            "version": "0"
          },
          {
            "model": "suremark printer 2cr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88650"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "asa 5506w-x w/ firepower services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.9"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3005"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.0.0.0"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2010"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "14.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "16.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "17.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "8.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "9.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux desktop",
            "version": "7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.7.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.7.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux point of sale",
            "version": "11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "12"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "openstack cloud",
            "version": "6"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "99f194cf-017c-4d52-b709-25cd18723622"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30402"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-384"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13081"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:canonical:ubuntu",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:debian:debian_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:freebsd:freebsd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:opensuse_project:leap",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:suse_linux_enterprise_point_of_sale",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:suse:openstack_cloud",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:hostapd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:wpa_supplicant",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:nec:nec_edge_gateway",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009174"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
        "sources": [
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-384"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2017-13081",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "id": "CVE-2017-13081",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.9,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CNVD-2017-30402",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "99f194cf-017c-4d52-b709-25cd18723622",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.6,
                "id": "CVE-2017-13081",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-13081",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-13081",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-30402",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201710-384",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "99f194cf-017c-4d52-b709-25cd18723622",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-13081",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "99f194cf-017c-4d52-b709-25cd18723622"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30402"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13081"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-384"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13081"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The IGTK group key reloading vulnerability exists in the WPA2 wireless network. WPA2  is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n  hostapd                         2.4-0ubuntu9.1\n  wpasupplicant                   2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n  hostapd                         2.4-0ubuntu6.2\n  wpasupplicant                   2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n  hostapd                         2.1-0ubuntu1.5\n  wpasupplicant                   2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nReferences:\n  https://www.ubuntu.com/usn/usn-3455-1\n  CVE-2016-4476, CVE-2016-4477, CVE-2017-13077, CVE-2017-13078,\n  CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n  CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nPackage Information:\n  https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1\n  https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2\n  https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5\n\n\n. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz:  Upgraded. \n  This update includes patches to mitigate the WPA2 protocol issues known\n  as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n  hijack TCP connections, and to forge and inject packets. This is the\n  list of vulnerabilities that are addressed here:\n  CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the\n    4-way handshake. \n  CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake. \n  CVE-2017-13080: Reinstallation of the group key (GTK) in the group key\n    handshake. \n  CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n    Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n    while processing it. \n  CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. \n  CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)\n    PeerKey (TPK) key in the TDLS handshake. \n  For more information, see:\n    https://www.krackattacks.com/\n    https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019  wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825  wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0  wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352  wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185  wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4  wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe  n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160  n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa                                        Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          WPA2 protocol vulnerability\n\nCategory:       contrib\nModule:         wpa\nAnnounced:      2017-10-16\nCredits:        Mathy Vanhoef\nAffects:        All supported versions of FreeBSD. \nCorrected:      2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n                2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n                2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n                2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n                2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n                2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name:       CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n                CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n                CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0.   Revision history\n\nv1.0  2017-10-17 Initial release. \nv1.1  2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII.  Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV.  Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch.  Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI.  Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path                                                      Revision\n- -------------------------------------------------------------------------\nstable/11/                                                        r324697\nreleng/11.0/                                                      r324698\nreleng/11.1/                                                      r324699\nstable/10/                                                        r324739\nreleng/10.3/                                                      r324740\nreleng/10.4/                                                      r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13081"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009174"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30402"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "IVD",
            "id": "99f194cf-017c-4d52-b709-25cd18723622"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13081"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "145228"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          }
        ],
        "trust": 3.87
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "trust": 4.2
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13081",
            "trust": 4.1
          },
          {
            "db": "BID",
            "id": "101274",
            "trust": 2.6
          },
          {
            "db": "SECTRACK",
            "id": "1039578",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039581",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039585",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039573",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039576",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039577",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-901333",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-005",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-18-114-01",
            "trust": 1.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-19-029-01",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-353-02",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-01",
            "trust": 1.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30402",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-384",
            "trust": 0.8
          },
          {
            "db": "LENOVO",
            "id": "LEN-17420",
            "trust": 0.8
          },
          {
            "db": "JUNIPER",
            "id": "JSA10827",
            "trust": 0.8
          },
          {
            "db": "DLINK",
            "id": "SAP10075",
            "trust": 0.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02A",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU90609033",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009174",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.4125",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-299-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-325-01",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "99F194CF-017C-4D52-B709-25CD18723622",
            "trust": 0.2
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13081",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144630",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144632",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145228",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144663",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144669",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "99f194cf-017c-4d52-b709-25cd18723622"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30402"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13081"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009174"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "145228"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-384"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13081"
          }
        ]
      },
      "id": "VAR-201710-0208",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "99f194cf-017c-4d52-b709-25cd18723622"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30402"
          }
        ],
        "trust": 1.4003193450000002
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "99f194cf-017c-4d52-b709-25cd18723622"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30402"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:00:16.192000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "ARUBA-PSA-2017-007",
            "trust": 0.8,
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "title": "DSA-3999",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3999"
          },
          {
            "title": "FreeBSD-SA-17:07.wpa",
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "title": "NV17-024",
            "trust": 0.8,
            "url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
          },
          {
            "title": "SUSE-SU-2017:2745",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "title": "SUSE-SU-2017:2752",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "title": "openSUSE-SU-2017:2755",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "title": "USN-3455-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3455-1/"
          },
          {
            "title": "WPA packet number reuse with replayed messages and key reinstallation",
            "trust": 0.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
          },
          {
            "title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.iodata.jp/support/information/2017/wpa2/"
          },
          {
            "title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/info/20171110/"
          },
          {
            "title": "\\302\\240Patch for WPA2 Wireless Network IGTK Group Key Reload Vulnerability (CNVD-2017-30402)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/103822"
          },
          {
            "title": "Multiple WiFi product WPA2 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75498"
          },
          {
            "title": "The Register",
            "trust": 0.2,
            "url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
          },
          {
            "title": "The Register",
            "trust": 0.2,
            "url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
          },
          {
            "title": "Ubuntu Security Notice: linux-firmware vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3505-1"
          },
          {
            "title": "Red Hat: CVE-2017-13081",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2017-13081"
          },
          {
            "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03582 rev. 2 - KRACK Vulnerability Affecting WPA2 Wireless Security",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=36b93bf3331f76d26d40fe1f638cd7b3"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-13081"
          },
          {
            "title": "HP: HPSBHF03582 rev. 2 - KRACK Vulnerability Affecting WPA2 Wireless Security",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03582"
          },
          {
            "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03574 rev. 2 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=8d6572a049179153e7106f494e1a3bca"
          },
          {
            "title": "Debian CVElist Bug Report Logs: firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=2e0affd9108e95fa2aa2c706c74cd8a9"
          },
          {
            "title": "Ubuntu Security Notice: wpa vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3455-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
          },
          {
            "title": "HP: HPSBPI03574 rev. 1 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBPI03574"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-23"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-22"
          },
          {
            "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHP Printing Security Advisory - KRACK Attacks Potential Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=159d2d394e685e849c1feb8bd9a2f58e"
          },
          {
            "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03574 rev. 2 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=5acd9ad059fdc01fe064c5234e076a80"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
          },
          {
            "title": "KRACK",
            "trust": 0.1,
            "url": "https://github.com/chinatso/KRACK "
          },
          {
            "title": "krackinfo",
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/merlinepedra/KRACK "
          },
          {
            "title": "nixos-issue-db-example",
            "trust": 0.1,
            "url": "https://github.com/andir/nixos-issue-db-example "
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-30402"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13081"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-384"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-323",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-330",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-254",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009174"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13081"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.7,
            "url": "https://www.krackattacks.com/"
          },
          {
            "trust": 3.3,
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "trust": 2.9,
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "trust": 2.8,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "trust": 2.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
          },
          {
            "trust": 2.5,
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "trust": 2.5,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "trust": 1.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-3455-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039585"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "trust": 1.7,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "trust": 1.7,
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "trust": 1.7,
            "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03792en_us"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "trust": 1.7,
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
          },
          {
            "trust": 1.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
          },
          {
            "trust": 1.2,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
          },
          {
            "trust": 1.1,
            "url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
          },
          {
            "trust": 1.1,
            "url": "https://w1.fi/security/2017-1/"
          },
          {
            "trust": 1.1,
            "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
          },
          {
            "trust": 1.1,
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
          },
          {
            "trust": 0.8,
            "url": "https://cwe.mitre.org/data/definitions/323.html"
          },
          {
            "trust": 0.8,
            "url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
          },
          {
            "trust": 0.8,
            "url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.al-enterprise.com/en/support/security-alert-krack"
          },
          {
            "trust": 0.8,
            "url": "https://support.apple.com/en-gb/ht208222"
          },
          {
            "trust": 0.8,
            "url": "https://security.archlinux.org/avg-447"
          },
          {
            "trust": 0.8,
            "url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
          },
          {
            "trust": 0.8,
            "url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
          },
          {
            "trust": 0.8,
            "url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
          },
          {
            "trust": 0.8,
            "url": "https://community.cypress.com/docs/doc-13871"
          },
          {
            "trust": 0.8,
            "url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
          },
          {
            "trust": 0.8,
            "url": "http://www.dell.com/support/article/sln307822"
          },
          {
            "trust": 0.8,
            "url": "https://github.com/espressif/esp8266_nonos_sdk"
          },
          {
            "trust": 0.8,
            "url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
          },
          {
            "trust": 0.8,
            "url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
          },
          {
            "trust": 0.8,
            "url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
          },
          {
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 0.8,
            "url": "https://bugs.gentoo.org/634440"
          },
          {
            "trust": 0.8,
            "url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
          },
          {
            "trust": 0.8,
            "url": "https://kb.juniper.net/jsa10827"
          },
          {
            "trust": 0.8,
            "url": "https://support.lenovo.com/ca/en/product_security/len-17420"
          },
          {
            "trust": 0.8,
            "url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
          },
          {
            "trust": 0.8,
            "url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
          },
          {
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
          },
          {
            "trust": 0.8,
            "url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
          },
          {
            "trust": 0.8,
            "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
          },
          {
            "trust": 0.8,
            "url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
          },
          {
            "trust": 0.8,
            "url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
          },
          {
            "trust": 0.8,
            "url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
          },
          {
            "trust": 0.8,
            "url": "https://community.sophos.com/kb/en-us/127658"
          },
          {
            "trust": 0.8,
            "url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
          },
          {
            "trust": 0.8,
            "url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
          },
          {
            "trust": 0.8,
            "url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
          },
          {
            "trust": 0.8,
            "url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
          },
          {
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "trust": 0.8,
            "url": "http://en.miui.com/thread-954223-1-1.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
          },
          {
            "trust": 0.8,
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
          },
          {
            "trust": 0.8,
            "url": "https://community.rsa.com/docs/doc-84103"
          },
          {
            "trust": 0.8,
            "url": "https://support.f5.com/csp/article/k23642330"
          },
          {
            "trust": 0.8,
            "url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
          },
          {
            "trust": 0.8,
            "url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
          },
          {
            "trust": 0.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
          },
          {
            "trust": 0.8,
            "url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu90609033/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
          },
          {
            "trust": 0.6,
            "url": "https://www.kb.cert.org/vuls/id/228519/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
          },
          {
            "trust": 0.3,
            "url": "http://www.wi-fi.org/index.php"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-ie/ht208847"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208334"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208327"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208325"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13077"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13078"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13080"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13081"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13082"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13084"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13086"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13087"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13088"
          },
          {
            "trust": 0.3,
            "url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/330.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/3505-1/"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.169.1"
          },
          {
            "trust": 0.1,
            "url": "https://www.ubuntu.com/usn/usn-3505-1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.164.2"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.157.14"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-firmware/1.127.24"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/gpg-key"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://osuosl.org)"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://www.krackattacks.com/\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
          },
          {
            "trust": 0.1,
            "url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30402"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13081"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009174"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "145228"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-384"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13081"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "99f194cf-017c-4d52-b709-25cd18723622"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30402"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13081"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009174"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "145228"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-384"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13081"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-17T00:00:00",
            "db": "IVD",
            "id": "99f194cf-017c-4d52-b709-25cd18723622"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30402"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13081"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2017-11-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009174"
          },
          {
            "date": "2017-10-16T13:49:34",
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "date": "2017-10-16T23:23:00",
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "date": "2017-12-06T22:22:00",
            "db": "PACKETSTORM",
            "id": "145228"
          },
          {
            "date": "2017-10-18T20:44:00",
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "date": "2017-10-19T14:28:55",
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-384"
          },
          {
            "date": "2017-10-17T13:29:00.443000",
            "db": "NVD",
            "id": "CVE-2017-13081"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30402"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13081"
          },
          {
            "date": "2019-02-21T09:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2019-02-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009174"
          },
          {
            "date": "2020-11-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-384"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-13081"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-384"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-384"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0451

    Vulnerability from variot - Updated: 2025-04-20 22:57

    Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Contains a resource management vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Multiple Siemens SCALANCE Products are prone to the following security vulnerabilities: 1. A buffer-overflow vulnerability 2. Multiple denial-of-service vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device or cause a denial-of-service condition. This BID is being retired as a duplicate of BID 101085 Dnsmasq VU#973527 Multiple Security Vulnerabilities. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: dnsmasq security update Advisory ID: RHSA-2017:2836-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2836 Issue date: 2017-10-02 CVE Names: CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 =====================================================================

    1. Summary:

    An update for dnsmasq is now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

    1. Description:

    The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.

    Security Fix(es):

    • A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. (CVE-2017-14491)

    • A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement (RA) handling code. This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless. (CVE-2017-14492)

    • A stack buffer overflow was found in dnsmasq in the DHCPv6 code. (CVE-2017-14493)

    • An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local network could send crafted DHCPv6 packets to dnsmasq causing it to forward the contents of process memory, potentially leaking sensitive data. (CVE-2017-14494)

    • A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory allocations which would never be freed, leading to unbounded memory consumption and eventually a crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. (CVE-2017-14495)

    • An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. (CVE-2017-14496)

    Red Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. Serna (Google Security Team), Gabriel Campana (Google Security Team), Kevin Hamacher (Google Security Team), and Ron Bowes (Google Security Team) for reporting these issues.

    1. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies 1495410 - CVE-2017-14492 dnsmasq: heap overflow in the IPv6 router advertisement code 1495411 - CVE-2017-14493 dnsmasq: stack buffer overflow in the DHCPv6 code 1495412 - CVE-2017-14494 dnsmasq: information leak in the DHCPv6 relay code 1495415 - CVE-2017-14495 dnsmasq: memory exhaustion vulnerability in the EDNS0 code 1495416 - CVE-2017-14496 dnsmasq: integer underflow leading to buffer over-read in the EDNS0 code

    1. Package List:

    Red Hat Enterprise Linux Client (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Client Optional (v. 7):

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode Optional (v. 7):

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    aarch64: dnsmasq-2.76-2.el7_4.2.aarch64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm

    ppc64: dnsmasq-2.76-2.el7_4.2.ppc64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm

    ppc64le: dnsmasq-2.76-2.el7_4.2.ppc64le.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm

    s390x: dnsmasq-2.76-2.el7_4.2.s390x.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Server Optional (v. 7):

    aarch64: dnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm dnsmasq-utils-2.76-2.el7_4.2.aarch64.rpm

    ppc64: dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm dnsmasq-utils-2.76-2.el7_4.2.ppc64.rpm

    ppc64le: dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm dnsmasq-utils-2.76-2.el7_4.2.ppc64le.rpm

    s390x: dnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm dnsmasq-utils-2.76-2.el7_4.2.s390x.rpm

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Workstation Optional (v. 7):

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2017-14491 https://access.redhat.com/security/cve/CVE-2017-14492 https://access.redhat.com/security/cve/CVE-2017-14493 https://access.redhat.com/security/cve/CVE-2017-14494 https://access.redhat.com/security/cve/CVE-2017-14495 https://access.redhat.com/security/cve/CVE-2017-14496 https://access.redhat.com/security/updates/classification/#critical https://access.redhat.com/security/vulnerabilities/3199382

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iD8DBQFZ0opYXlSAg2UNWIIRAr0dAJ9rIL1FgNTJUf2I9jjKFFlfkCd/kwCfV+bX SfoCV7+qG2nwqlHKLZOlhIU= =iWfU -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . =========================================================================== Ubuntu Security Notice USN-3430-3 January 04, 2018

    dnsmasq regression

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 12.04 ESM

    Summary:

    USN-3430-2 introduced regression in Dnsmasq.

    Software Description: - dnsmasq: Small caching DNS proxy and DHCP/TFTP server

    Details:

    USN-3430-2 fixed several vulnerabilities. The update introduced a new regression that breaks DNS resolution. This update addresses the problem.

    We apologize for the inconvenience.

    Original advisory details:

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14491)

    Felix Wilhelm, Fermin J. (CVE-2017-14492)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 requests. (CVE-2017-14493)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14495)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service. (CVE-2017-14496)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 12.04 ESM: dnsmasq=C2=A02.59-4ubuntu0.4 dnsmasq-base2.59-4ubuntu0.4 dnsmasq-utils2.59-4ubuntu0.4

    After a standard system update you need to reboot your computer to make all the necessary changes.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-dns/dnsmasq < 2.78 >= 2.78

    Description

    Multiple vulnerabilities have been discovered in Dnsmasq.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Dnsmasq users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.78"

    References

    [ 1 ] CVE-2017-14491 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491 [ 2 ] CVE-2017-14492 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492 [ 3 ] CVE-2017-14493 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493 [ 4 ] CVE-2017-14494 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494 [ 5 ] CVE-2017-14495 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495 [ 6 ] CVE-2017-14496 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    https://security.gentoo.org/glsa/201710-27

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0451",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "7.0"
          },
          {
            "model": "dnsmasq",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "thekelleys",
            "version": "2.77"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "7.1"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "thekelleys",
            "version": "2.77"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dnsmasq",
            "version": null
          },
          {
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "model": "dnsmasq",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "thekelleys",
            "version": "2.78"
          },
          {
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux workstation",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server year extended update support",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "redhat",
            "version": "-47.4"
          },
          {
            "model": "scalance w1750d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "scalance s615",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "scalance m800",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "17.04"
          },
          {
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "16.04"
          },
          {
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "14.04"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.2.2"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.75"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.72"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.71"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.70"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.7"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.65"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.64"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.63"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.62"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.61"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.60"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.59"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.58"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.57"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.56"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.55"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.54"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.53"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.52"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.51"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.50"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.49"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.48"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.47"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.46"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.45"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.44"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.43"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.42"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.41"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.40"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.4"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.38"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.37"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.36"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.35"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.34"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.33"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.30"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.29"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.28"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.27"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.26"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.25"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.24"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.23"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.22"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.21"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.20"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.2"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.19"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.18"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.17"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.16"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.15"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.14"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.13"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.12"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.11"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.10"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.9"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.8"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.5"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.4"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.3"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.18"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.17"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.16"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.15"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.14"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.13"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.12"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.11"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.10"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.0"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.996"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.992"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.98"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.96"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.95"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.7"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.5"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.4"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.37"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "model": "enterprise linux workstation optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux workstation optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.4"
          },
          {
            "model": "enterprise linux server optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server for arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux server eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.4"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.2"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server extended update suppor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server year extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-47.2"
          },
          {
            "model": "enterprise linux server year extended upd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-47.3"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "enterprise linux long life server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5.9"
          },
          {
            "model": "enterprise linux hpc node optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power little endian extended update suppo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for power little endian extended update suppo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux desktop optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux computenode optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux computenode optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux computenode optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux computenode eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux computenode eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux computenode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7.6"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6.10"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5.7"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.2"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.1.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.2"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.4.4"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fedoraproject",
            "version": "27"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-30",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "7"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "6"
          },
          {
            "model": "dnsmasq",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.78"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.8"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7.7"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6.11"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5.8"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008622"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-743"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14495"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:canonical:ubuntu",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:debian:debian_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:opensuse_project:leap",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:thekelleys:dnsmasq",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_workstation",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008622"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Gabriel Campana, Kevin Hamacher and Ron Bowes of the Google Security Team,Felix Wilhelm, Fermin J. Serna",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-743"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2017-14495",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2017-14495",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-14495",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-14495",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-14495",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201709-743",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-14495",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14495"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008622"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-743"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14495"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Contains a resource management vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Multiple Siemens SCALANCE Products are prone to the following security vulnerabilities:\n1. A buffer-overflow vulnerability\n2. Multiple denial-of-service vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the  context of affected device or cause a denial-of-service condition. \nThis BID is being retired as a duplicate of BID 101085 Dnsmasq VU#973527 Multiple Security Vulnerabilities. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: dnsmasq security update\nAdvisory ID:       RHSA-2017:2836-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:2836\nIssue date:        2017-10-02\nCVE Names:         CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 \n                   CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 \n=====================================================================\n\n1. Summary:\n\nAn update for dnsmasq is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name\nServer) forwarder and DHCP (Dynamic Host Configuration Protocol) server. \n\nSecurity Fix(es):\n\n* A heap buffer overflow was found in dnsmasq in the code responsible for\nbuilding DNS replies. An attacker could send crafted DNS packets to dnsmasq\nwhich would cause it to crash or, potentially, execute arbitrary code. \n(CVE-2017-14491)\n\n* A heap buffer overflow was discovered in dnsmasq in the IPv6 router\nadvertisement (RA) handling code. This issue only affected\nconfigurations using one of these options: enable-ra, ra-only, slaac,\nra-names, ra-advrouter, or ra-stateless. (CVE-2017-14492)\n\n* A stack buffer overflow was found in dnsmasq in the DHCPv6 code. (CVE-2017-14493)\n\n* An information leak was found in dnsmasq in the DHCPv6 relay code. An\nattacker on the local network could send crafted DHCPv6 packets to dnsmasq\ncausing it to forward the contents of process memory, potentially leaking\nsensitive data. (CVE-2017-14494)\n\n* A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An\nattacker could send crafted DNS packets which would trigger memory\nallocations which would never be freed, leading to unbounded memory\nconsumption and eventually a crash. This issue only affected configurations\nusing one of the options: add-mac, add-cpe-id, or add-subnet. \n(CVE-2017-14495)\n\n* An integer underflow flaw leading to a buffer over-read was found in\ndnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to\ndnsmasq which would cause it to crash. This issue only affected\nconfigurations using one of the options: add-mac, add-cpe-id, or\nadd-subnet. (CVE-2017-14496)\n\nRed Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. \nSerna (Google Security Team), Gabriel Campana (Google Security Team), Kevin\nHamacher (Google Security Team), and Ron Bowes (Google Security Team) for\nreporting these issues. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies\n1495410 - CVE-2017-14492 dnsmasq: heap overflow in the IPv6 router advertisement code\n1495411 - CVE-2017-14493 dnsmasq: stack buffer overflow in the DHCPv6 code\n1495412 - CVE-2017-14494 dnsmasq: information leak in the DHCPv6 relay code\n1495415 - CVE-2017-14495 dnsmasq: memory exhaustion vulnerability in the EDNS0 code\n1495416 - CVE-2017-14496 dnsmasq: integer underflow leading to buffer over-read in the EDNS0 code\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\naarch64:\ndnsmasq-2.76-2.el7_4.2.aarch64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm\n\nppc64:\ndnsmasq-2.76-2.el7_4.2.ppc64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm\n\nppc64le:\ndnsmasq-2.76-2.el7_4.2.ppc64le.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm\n\ns390x:\ndnsmasq-2.76-2.el7_4.2.s390x.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\naarch64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.aarch64.rpm\n\nppc64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.ppc64.rpm\n\nppc64le:\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm\ndnsmasq-utils-2.76-2.el7_4.2.ppc64le.rpm\n\ns390x:\ndnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm\ndnsmasq-utils-2.76-2.el7_4.2.s390x.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-14491\nhttps://access.redhat.com/security/cve/CVE-2017-14492\nhttps://access.redhat.com/security/cve/CVE-2017-14493\nhttps://access.redhat.com/security/cve/CVE-2017-14494\nhttps://access.redhat.com/security/cve/CVE-2017-14495\nhttps://access.redhat.com/security/cve/CVE-2017-14496\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://access.redhat.com/security/vulnerabilities/3199382\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFZ0opYXlSAg2UNWIIRAr0dAJ9rIL1FgNTJUf2I9jjKFFlfkCd/kwCfV+bX\nSfoCV7+qG2nwqlHKLZOlhIU=\n=iWfU\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n===========================================================================\nUbuntu Security Notice USN-3430-3\nJanuary 04, 2018\n\ndnsmasq regression\n===========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 ESM\n\nSummary:\n\nUSN-3430-2 introduced regression in Dnsmasq. \n\nSoftware Description:\n- dnsmasq: Small caching DNS proxy and DHCP/TFTP server\n\nDetails:\n\nUSN-3430-2 fixed several vulnerabilities. The update introduced a new\nregression that breaks DNS resolution. This update addresses the\nproblem. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. \n(CVE-2017-14491)\n\nFelix Wilhelm, Fermin J. (CVE-2017-14492)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DHCPv6 requests. \n(CVE-2017-14493)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14495)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. A remote\nattacker could use this issue to cause Dnsmasq to crash, resulting in\na denial of service. (CVE-2017-14496)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 ESM:\n dnsmasq=C2=A02.59-4ubuntu0.4\n dnsmasq-base2.59-4ubuntu0.4\n dnsmasq-utils2.59-4ubuntu0.4\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-dns/dnsmasq               \u003c 2.78                     \u003e= 2.78 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Dnsmasq. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Dnsmasq users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-dns/dnsmasq-2.78\"\n\nReferences\n==========\n\n[ 1 ] CVE-2017-14491\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491\n[ 2 ] CVE-2017-14492\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492\n[ 3 ] CVE-2017-14493\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493\n[ 4 ] CVE-2017-14494\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494\n[ 5 ] CVE-2017-14495\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495\n[ 6 ] CVE-2017-14496\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201710-27\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2017 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-14495"
          },
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008622"
          },
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14495"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          }
        ],
        "trust": 3.42
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=42945",
            "trust": 0.1,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14495"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#973527",
            "trust": 3.6
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14495",
            "trust": 3.6
          },
          {
            "db": "BID",
            "id": "101085",
            "trust": 2.0
          },
          {
            "db": "BID",
            "id": "101977",
            "trust": 2.0
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-332-01",
            "trust": 2.0
          },
          {
            "db": "EXPLOIT-DB",
            "id": "42945",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039474",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-689071",
            "trust": 1.7
          },
          {
            "db": "JVN",
            "id": "JVNVU93453933",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008622",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-743",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14495",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144490",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144484",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145652",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144469",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144706",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14495"
          },
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008622"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-743"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14495"
          }
        ]
      },
      "id": "VAR-201710-0451",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.25396827
      },
      "last_update_date": "2025-04-20T22:57:02.813000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "DSA-3989",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3989"
          },
          {
            "title": "Security Bulletin: NVIDIA Tegra Jetson L4T contains multiple vulnerabilities; updates for \u201cBlueBorne\u201d and \u201cDnsmasq\u201d.",
            "trust": 0.8,
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
          },
          {
            "title": "openSUSE-SU-2017:2633",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"
          },
          {
            "title": "RHSA-2017:2836",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/RHSA-2017:2836"
          },
          {
            "title": "CHANGELOG",
            "trust": 0.8,
            "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG"
          },
          {
            "title": "Security fix, CVE-2017-14495, OOM in DNS response creation.",
            "trust": 0.8,
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=51eadb692a5123b9838e5a68ecace3ac579a3a45"
          },
          {
            "title": "USN-3430-2",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3430-2/"
          },
          {
            "title": "USN-3430-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3430-1/"
          },
          {
            "title": "dnsmasq: Multiple Critical and Important vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/3199382"
          },
          {
            "title": "Dnsmasq Remediation of resource management error vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92839"
          },
          {
            "title": "Red Hat: Critical: dnsmasq security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172836 - Security Advisory"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-14495"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-2"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq regression",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-3"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3989-1 dnsmasq -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=5c18698ecfe74c7de381531f8ed44dcf"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=7f490a104360d6f65bee18ec7bfa18a3"
          },
          {
            "title": "Amazon Linux 2: ALAS2-2019-1251",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2019-1251"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2017-907",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2017-907"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-1] dnsmasq: multiple issues",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-1"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6283337cd31f81f24d445925f2138c0e"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/lnick2023/nicenice "
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/qazbnm456/awesome-cve-poc "
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/google-warns-of-dos-and-rce-bugs-in-dnsmasq/128238/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14495"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008622"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-743"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-772",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-400",
            "trust": 0.8
          },
          {
            "problemtype": "CWE-399",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008622"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14495"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.5,
            "url": "https://www.kb.cert.org/vuls/id/973527"
          },
          {
            "trust": 2.9,
            "url": "http://www.securityfocus.com/bid/101085"
          },
          {
            "trust": 2.8,
            "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
          },
          {
            "trust": 2.1,
            "url": "https://access.redhat.com/errata/rhsa-2017:2836"
          },
          {
            "trust": 2.0,
            "url": "http://www.ubuntu.com/usn/usn-3430-1"
          },
          {
            "trust": 2.0,
            "url": "http://www.debian.org/security/2017/dsa-3989"
          },
          {
            "trust": 2.0,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-332-01"
          },
          {
            "trust": 1.8,
            "url": "https://www.exploit-db.com/exploits/42945/"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/security/vulnerabilities/3199382"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-3430-2"
          },
          {
            "trust": 1.8,
            "url": "https://security.gentoo.org/glsa/201710-27"
          },
          {
            "trust": 1.7,
            "url": "http://www.thekelleys.org.uk/dnsmasq/doc.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039474"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"
          },
          {
            "trust": 1.7,
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/101977"
          },
          {
            "trust": 1.7,
            "url": "https://www.synology.com/support/security/synology_sa_17_59_dnsmasq"
          },
          {
            "trust": 1.7,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-005.txt"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"
          },
          {
            "trust": 1.7,
            "url": "http://thekelleys.org.uk/dnsmasq/changelog"
          },
          {
            "trust": 1.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14495"
          },
          {
            "trust": 1.1,
            "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"
          },
          {
            "trust": 1.1,
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3ba=commit%3bh=51eadb692a5123b9838e5a68ecace3ac579a3a45"
          },
          {
            "trust": 1.1,
            "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14491"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14492"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14493"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14494"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14495"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14496"
          },
          {
            "trust": 0.9,
            "url": "http://www.thekelleys.org.uk/dnsmasq/changelog"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14491.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14492.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14493.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14494.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14495.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/kubernetes/kubernetes/blob/master/changelog.md"
          },
          {
            "trust": 0.9,
            "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2017\u0026m=slackware-security.601472"
          },
          {
            "trust": 0.9,
            "url": "https://source.android.com/security/bulletin/2017-10-01"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495410"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495411"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495412"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495415"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495416"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495510"
          },
          {
            "trust": 0.9,
            "url": "https://access.redhat.com/security/cve/cve-2017-13704"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14496.py"
          },
          {
            "trust": 0.9,
            "url": "https://access.redhat.com/errata/rhsa-2017:2837"
          },
          {
            "trust": 0.8,
            "url": "https://www.ruckuswireless.com/security"
          },
          {
            "trust": 0.8,
            "url": "https://www.zyxel.com/support/announcement_dnsmasq_vulnerabilities.shtml"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14495"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu93453933/index.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html"
          },
          {
            "trust": 0.6,
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=51eadb692a5123b9838e5a68ecace3ac579a3a45"
          },
          {
            "trust": 0.6,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409bug1495409"
          },
          {
            "trust": 0.6,
            "url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html"
          },
          {
            "trust": 0.6,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-332-01"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14496"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14491"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14494"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14492"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14493"
          },
          {
            "trust": 0.3,
            "url": "http://subscriber.communications.siemens.com/"
          },
          {
            "trust": 0.3,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409 bug 1495409"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/772.html"
          },
          {
            "trust": 0.1,
            "url": "https://tools.cisco.com/security/center/viewalert.x?alertid=55498"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/3430-2/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/bugs/1741262"
          },
          {
            "trust": 0.1,
            "url": "https://www.ubuntu.com/usn/usn-3430-3"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.76-5ubuntu0.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.75-1ubuntu0.16.04.3"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.68-1ubuntu0.2"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14495"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14493"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14492"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14491"
          },
          {
            "trust": 0.1,
            "url": "https://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14496"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14494"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14495"
          },
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008622"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-743"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14495"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14495"
          },
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008622"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-743"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14495"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "date": "2017-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14495"
          },
          {
            "date": "2017-11-28T00:00:00",
            "db": "BID",
            "id": "101977"
          },
          {
            "date": "2017-10-02T00:00:00",
            "db": "BID",
            "id": "101085"
          },
          {
            "date": "2017-10-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008622"
          },
          {
            "date": "2017-10-03T20:21:00",
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "date": "2017-10-03T05:19:24",
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "date": "2018-01-04T17:50:40",
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "date": "2017-10-02T13:13:00",
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "date": "2017-10-23T13:54:05",
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "date": "2017-09-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-743"
          },
          {
            "date": "2017-10-03T01:29:02.153000",
            "db": "NVD",
            "id": "CVE-2017-14495"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-02-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14495"
          },
          {
            "date": "2019-05-15T17:00:00",
            "db": "BID",
            "id": "101977"
          },
          {
            "date": "2017-10-02T00:00:00",
            "db": "BID",
            "id": "101085"
          },
          {
            "date": "2017-11-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008622"
          },
          {
            "date": "2020-10-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-743"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-14495"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-743"
          }
        ],
        "trust": 1.0
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Dnsmasq contains multiple vulnerabilities",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-743"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0452

    Vulnerability from variot - Updated: 2025-04-20 22:54

    Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Contains an integer underflow vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Multiple Siemens SCALANCE Products are prone to the following security vulnerabilities: 1. A buffer-overflow vulnerability 2. Multiple denial-of-service vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device or cause a denial-of-service condition. This BID is being retired as a duplicate of BID 101085 Dnsmasq VU#973527 Multiple Security Vulnerabilities. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: dnsmasq security update Advisory ID: RHSA-2017:2836-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2836 Issue date: 2017-10-02 CVE Names: CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 =====================================================================

    1. Summary:

    An update for dnsmasq is now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

    1. Description:

    The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.

    Security Fix(es):

    • A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. (CVE-2017-14491)

    • A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement (RA) handling code. This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless. (CVE-2017-14492)

    • A stack buffer overflow was found in dnsmasq in the DHCPv6 code. (CVE-2017-14493)

    • An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local network could send crafted DHCPv6 packets to dnsmasq causing it to forward the contents of process memory, potentially leaking sensitive data. (CVE-2017-14494)

    • A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory allocations which would never be freed, leading to unbounded memory consumption and eventually a crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. (CVE-2017-14495)

    • An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. (CVE-2017-14496)

    Red Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. Serna (Google Security Team), Gabriel Campana (Google Security Team), Kevin Hamacher (Google Security Team), and Ron Bowes (Google Security Team) for reporting these issues.

    1. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies 1495410 - CVE-2017-14492 dnsmasq: heap overflow in the IPv6 router advertisement code 1495411 - CVE-2017-14493 dnsmasq: stack buffer overflow in the DHCPv6 code 1495412 - CVE-2017-14494 dnsmasq: information leak in the DHCPv6 relay code 1495415 - CVE-2017-14495 dnsmasq: memory exhaustion vulnerability in the EDNS0 code 1495416 - CVE-2017-14496 dnsmasq: integer underflow leading to buffer over-read in the EDNS0 code

    1. Package List:

    Red Hat Enterprise Linux Client (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Client Optional (v. 7):

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode Optional (v. 7):

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    aarch64: dnsmasq-2.76-2.el7_4.2.aarch64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm

    ppc64: dnsmasq-2.76-2.el7_4.2.ppc64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm

    ppc64le: dnsmasq-2.76-2.el7_4.2.ppc64le.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm

    s390x: dnsmasq-2.76-2.el7_4.2.s390x.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Server Optional (v. 7):

    aarch64: dnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm dnsmasq-utils-2.76-2.el7_4.2.aarch64.rpm

    ppc64: dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm dnsmasq-utils-2.76-2.el7_4.2.ppc64.rpm

    ppc64le: dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm dnsmasq-utils-2.76-2.el7_4.2.ppc64le.rpm

    s390x: dnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm dnsmasq-utils-2.76-2.el7_4.2.s390x.rpm

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Workstation Optional (v. 7):

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2017-14491 https://access.redhat.com/security/cve/CVE-2017-14492 https://access.redhat.com/security/cve/CVE-2017-14493 https://access.redhat.com/security/cve/CVE-2017-14494 https://access.redhat.com/security/cve/CVE-2017-14495 https://access.redhat.com/security/cve/CVE-2017-14496 https://access.redhat.com/security/updates/classification/#critical https://access.redhat.com/security/vulnerabilities/3199382

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iD8DBQFZ0opYXlSAg2UNWIIRAr0dAJ9rIL1FgNTJUf2I9jjKFFlfkCd/kwCfV+bX SfoCV7+qG2nwqlHKLZOlhIU= =iWfU -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . =========================================================================== Ubuntu Security Notice USN-3430-3 January 04, 2018

    dnsmasq regression

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 12.04 ESM

    Summary:

    USN-3430-2 introduced regression in Dnsmasq.

    Software Description: - dnsmasq: Small caching DNS proxy and DHCP/TFTP server

    Details:

    USN-3430-2 fixed several vulnerabilities. The update introduced a new regression that breaks DNS resolution. This update addresses the problem.

    We apologize for the inconvenience.

    Original advisory details:

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14491)

    Felix Wilhelm, Fermin J. (CVE-2017-14492)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 requests. (CVE-2017-14493)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14495)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14496)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 12.04 ESM: dnsmasq=C2=A02.59-4ubuntu0.4 dnsmasq-base2.59-4ubuntu0.4 dnsmasq-utils2.59-4ubuntu0.4

    After a standard system update you need to reboot your computer to make all the necessary changes.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-dns/dnsmasq < 2.78 >= 2.78

    Description

    Multiple vulnerabilities have been discovered in Dnsmasq.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Dnsmasq users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.78"

    References

    [ 1 ] CVE-2017-14491 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491 [ 2 ] CVE-2017-14492 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492 [ 3 ] CVE-2017-14493 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493 [ 4 ] CVE-2017-14494 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494 [ 5 ] CVE-2017-14495 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495 [ 6 ] CVE-2017-14496 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    https://security.gentoo.org/glsa/201710-27

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0452",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "google",
            "version": "5.1.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "google",
            "version": "5.0.2"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "google",
            "version": "4.4.4"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "novell",
            "version": "42.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "novell",
            "version": "42.3"
          },
          {
            "model": "dnsmasq",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "thekelleys",
            "version": "2.77"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "7.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "7.0"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "thekelleys",
            "version": "2.77"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dnsmasq",
            "version": null
          },
          {
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "model": "android",
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "model": "dnsmasq",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "thekelleys",
            "version": "2.78"
          },
          {
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux workstation",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server year extended update support",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "redhat",
            "version": "-47.4"
          },
          {
            "model": "scalance w1750d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "scalance s615",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "scalance m800",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "17.04"
          },
          {
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "16.04"
          },
          {
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "14.04"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.2.2"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.75"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.72"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.71"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.70"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.7"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.65"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.64"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.63"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.62"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.61"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.60"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.59"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.58"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.57"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.56"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.55"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.54"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.53"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.52"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.51"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.50"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.49"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.48"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.47"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.46"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.45"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.44"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.43"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.42"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.41"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.40"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.4"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.38"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.37"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.36"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.35"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.34"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.33"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.30"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.29"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.28"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.27"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.26"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.25"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.24"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.23"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.22"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.21"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.20"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.2"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.19"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.18"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.17"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.16"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.15"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.14"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.13"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.12"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.11"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.10"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.9"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.8"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.5"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.4"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.3"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.18"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.17"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.16"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.15"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.14"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.13"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.12"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.11"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.10"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.0"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.996"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.992"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.98"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.96"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.95"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.7"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.5"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.4"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.37"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "model": "enterprise linux workstation optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux workstation optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.4"
          },
          {
            "model": "enterprise linux server optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server for arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux server eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.4"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.2"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server extended update suppor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server year extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-47.2"
          },
          {
            "model": "enterprise linux server year extended upd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-47.3"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "enterprise linux long life server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5.9"
          },
          {
            "model": "enterprise linux hpc node optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power little endian extended update suppo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for power little endian extended update suppo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux desktop optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux computenode optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux computenode optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux computenode optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux computenode eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux computenode eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux computenode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7.6"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6.10"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5.7"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.2"
          },
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fedoraproject",
            "version": "27"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-30",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "7"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "6"
          },
          {
            "model": "dnsmasq",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.78"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.8"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7.7"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6.11"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5.8"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008623"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-742"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14496"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:canonical:ubuntu",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:debian:debian_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:google:android",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:opensuse_project:leap",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:thekelleys:dnsmasq",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_workstation",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008623"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Gabriel Campana, Kevin Hamacher and Ron Bowes of the Google Security Team,Felix Wilhelm, Fermin J. Serna",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-742"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2017-14496",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2017-14496",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-14496",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-14496",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-14496",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201709-742",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-14496",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14496"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008623"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-742"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14496"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Contains an integer underflow vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Multiple Siemens SCALANCE Products are prone to the following security vulnerabilities:\n1. A buffer-overflow vulnerability\n2. Multiple denial-of-service vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the  context of affected device or cause a denial-of-service condition. \nThis BID is being retired as a duplicate of BID 101085 Dnsmasq VU#973527 Multiple Security Vulnerabilities. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: dnsmasq security update\nAdvisory ID:       RHSA-2017:2836-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:2836\nIssue date:        2017-10-02\nCVE Names:         CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 \n                   CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 \n=====================================================================\n\n1. Summary:\n\nAn update for dnsmasq is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name\nServer) forwarder and DHCP (Dynamic Host Configuration Protocol) server. \n\nSecurity Fix(es):\n\n* A heap buffer overflow was found in dnsmasq in the code responsible for\nbuilding DNS replies. An attacker could send crafted DNS packets to dnsmasq\nwhich would cause it to crash or, potentially, execute arbitrary code. \n(CVE-2017-14491)\n\n* A heap buffer overflow was discovered in dnsmasq in the IPv6 router\nadvertisement (RA) handling code. This issue only affected\nconfigurations using one of these options: enable-ra, ra-only, slaac,\nra-names, ra-advrouter, or ra-stateless. (CVE-2017-14492)\n\n* A stack buffer overflow was found in dnsmasq in the DHCPv6 code. (CVE-2017-14493)\n\n* An information leak was found in dnsmasq in the DHCPv6 relay code. An\nattacker on the local network could send crafted DHCPv6 packets to dnsmasq\ncausing it to forward the contents of process memory, potentially leaking\nsensitive data. (CVE-2017-14494)\n\n* A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An\nattacker could send crafted DNS packets which would trigger memory\nallocations which would never be freed, leading to unbounded memory\nconsumption and eventually a crash. This issue only affected configurations\nusing one of the options: add-mac, add-cpe-id, or add-subnet. \n(CVE-2017-14495)\n\n* An integer underflow flaw leading to a buffer over-read was found in\ndnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to\ndnsmasq which would cause it to crash. This issue only affected\nconfigurations using one of the options: add-mac, add-cpe-id, or\nadd-subnet. (CVE-2017-14496)\n\nRed Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. \nSerna (Google Security Team), Gabriel Campana (Google Security Team), Kevin\nHamacher (Google Security Team), and Ron Bowes (Google Security Team) for\nreporting these issues. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies\n1495410 - CVE-2017-14492 dnsmasq: heap overflow in the IPv6 router advertisement code\n1495411 - CVE-2017-14493 dnsmasq: stack buffer overflow in the DHCPv6 code\n1495412 - CVE-2017-14494 dnsmasq: information leak in the DHCPv6 relay code\n1495415 - CVE-2017-14495 dnsmasq: memory exhaustion vulnerability in the EDNS0 code\n1495416 - CVE-2017-14496 dnsmasq: integer underflow leading to buffer over-read in the EDNS0 code\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\naarch64:\ndnsmasq-2.76-2.el7_4.2.aarch64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm\n\nppc64:\ndnsmasq-2.76-2.el7_4.2.ppc64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm\n\nppc64le:\ndnsmasq-2.76-2.el7_4.2.ppc64le.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm\n\ns390x:\ndnsmasq-2.76-2.el7_4.2.s390x.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\naarch64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.aarch64.rpm\n\nppc64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.ppc64.rpm\n\nppc64le:\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm\ndnsmasq-utils-2.76-2.el7_4.2.ppc64le.rpm\n\ns390x:\ndnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm\ndnsmasq-utils-2.76-2.el7_4.2.s390x.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-14491\nhttps://access.redhat.com/security/cve/CVE-2017-14492\nhttps://access.redhat.com/security/cve/CVE-2017-14493\nhttps://access.redhat.com/security/cve/CVE-2017-14494\nhttps://access.redhat.com/security/cve/CVE-2017-14495\nhttps://access.redhat.com/security/cve/CVE-2017-14496\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://access.redhat.com/security/vulnerabilities/3199382\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFZ0opYXlSAg2UNWIIRAr0dAJ9rIL1FgNTJUf2I9jjKFFlfkCd/kwCfV+bX\nSfoCV7+qG2nwqlHKLZOlhIU=\n=iWfU\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n===========================================================================\nUbuntu Security Notice USN-3430-3\nJanuary 04, 2018\n\ndnsmasq regression\n===========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 ESM\n\nSummary:\n\nUSN-3430-2 introduced regression in Dnsmasq. \n\nSoftware Description:\n- dnsmasq: Small caching DNS proxy and DHCP/TFTP server\n\nDetails:\n\nUSN-3430-2 fixed several vulnerabilities. The update introduced a new\nregression that breaks DNS resolution. This update addresses the\nproblem. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. \n(CVE-2017-14491)\n\nFelix Wilhelm, Fermin J. (CVE-2017-14492)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DHCPv6 requests. \n(CVE-2017-14493)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14495)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14496)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 ESM:\n dnsmasq=C2=A02.59-4ubuntu0.4\n dnsmasq-base2.59-4ubuntu0.4\n dnsmasq-utils2.59-4ubuntu0.4\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-dns/dnsmasq               \u003c 2.78                     \u003e= 2.78 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Dnsmasq. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Dnsmasq users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-dns/dnsmasq-2.78\"\n\nReferences\n==========\n\n[ 1 ] CVE-2017-14491\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491\n[ 2 ] CVE-2017-14492\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492\n[ 3 ] CVE-2017-14493\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493\n[ 4 ] CVE-2017-14494\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494\n[ 5 ] CVE-2017-14495\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495\n[ 6 ] CVE-2017-14496\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201710-27\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2017 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-14496"
          },
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008623"
          },
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14496"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          }
        ],
        "trust": 3.42
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=42946",
            "trust": 0.1,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14496"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#973527",
            "trust": 3.6
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14496",
            "trust": 3.6
          },
          {
            "db": "BID",
            "id": "101085",
            "trust": 2.0
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-332-01",
            "trust": 2.0
          },
          {
            "db": "BID",
            "id": "101977",
            "trust": 1.4
          },
          {
            "db": "SECTRACK",
            "id": "1039474",
            "trust": 1.1
          },
          {
            "db": "SIEMENS",
            "id": "SSA-689071",
            "trust": 1.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "42946",
            "trust": 1.1
          },
          {
            "db": "JVN",
            "id": "JVNVU93453933",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008623",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-742",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14496",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144490",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144484",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145652",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144469",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144706",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14496"
          },
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008623"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-742"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14496"
          }
        ]
      },
      "id": "VAR-201710-0452",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.25396827
      },
      "last_update_date": "2025-04-20T22:54:26.990000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android Security Bulletin-October 2017",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2017-10-01"
          },
          {
            "title": "DSA-3989",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3989"
          },
          {
            "title": "Security Bulletin: NVIDIA Tegra Jetson L4T contains multiple vulnerabilities; updates for \u201cBlueBorne\u201d and \u201cDnsmasq\u201d.",
            "trust": 0.8,
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
          },
          {
            "title": "openSUSE-SU-2017:2633",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"
          },
          {
            "title": "RHSA-2017:2836",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/RHSA-2017:2836"
          },
          {
            "title": "CHANGELOG",
            "trust": 0.8,
            "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG"
          },
          {
            "title": "Security fix, CVE-2017-14496, Integer underflow in DNS response creation.",
            "trust": 0.8,
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=897c113fda0886a28a986cc6ba17bb93bd6cb1c7"
          },
          {
            "title": "USN-3430-2",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3430-2/"
          },
          {
            "title": "USN-3430-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3430-1/"
          },
          {
            "title": "dnsmasq: Multiple Critical and Important vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/3199382"
          },
          {
            "title": "The Register",
            "trust": 0.2,
            "url": "https://www.theregister.co.uk/2017/10/03/october_android_patches/"
          },
          {
            "title": "Red Hat: Critical: dnsmasq security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172836 - Security Advisory"
          },
          {
            "title": "Debian CVElist Bug Report Logs: dnsmasq: CVE-2017-13704: Size parameter overflow via large DNS query",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=fa8aad66cae5df51d49e1cdce2fe4a42"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-14496"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-2"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq regression",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-3"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3989-1 dnsmasq -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=5c18698ecfe74c7de381531f8ed44dcf"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=7f490a104360d6f65bee18ec7bfa18a3"
          },
          {
            "title": "Amazon Linux 2: ALAS2-2019-1251",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2019-1251"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2017-907",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2017-907"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-1] dnsmasq: multiple issues",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-1"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=b392dd6315d6fbd5f702d9c6d94af9ba"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6283337cd31f81f24d445925f2138c0e"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
          },
          {
            "title": "Safe libc",
            "trust": 0.1,
            "url": "https://github.com/introspection-libc/main "
          },
          {
            "title": "What is this?\nHow does it work?\nHow to build the toolchain\nHow to build a program using the safe libc\nAnd in the real world?",
            "trust": 0.1,
            "url": "https://github.com/pekd/safe-libc "
          },
          {
            "title": "What is this?\nHow does it work?\nHow to build the toolchain\nHow to build a program using the safe libc\nAnd in the real world?",
            "trust": 0.1,
            "url": "https://github.com/introspection-libc/safe-libc "
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/lnick2023/nicenice "
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/qazbnm456/awesome-cve-poc "
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/google-warns-of-dos-and-rce-bugs-in-dnsmasq/128238/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14496"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008623"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-191",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008623"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14496"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.9,
            "url": "https://www.kb.cert.org/vuls/id/973527"
          },
          {
            "trust": 2.8,
            "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
          },
          {
            "trust": 2.3,
            "url": "http://www.securityfocus.com/bid/101085"
          },
          {
            "trust": 2.1,
            "url": "https://access.redhat.com/errata/rhsa-2017:2836"
          },
          {
            "trust": 2.0,
            "url": "https://source.android.com/security/bulletin/2017-10-01"
          },
          {
            "trust": 2.0,
            "url": "http://www.debian.org/security/2017/dsa-3989"
          },
          {
            "trust": 2.0,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-332-01"
          },
          {
            "trust": 1.7,
            "url": "http://www.thekelleys.org.uk/dnsmasq/doc.html"
          },
          {
            "trust": 1.4,
            "url": "http://www.ubuntu.com/usn/usn-3430-1"
          },
          {
            "trust": 1.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14496"
          },
          {
            "trust": 1.2,
            "url": "https://www.exploit-db.com/exploits/42946/"
          },
          {
            "trust": 1.2,
            "url": "https://security.gentoo.org/glsa/201710-27"
          },
          {
            "trust": 1.2,
            "url": "http://www.ubuntu.com/usn/usn-3430-2"
          },
          {
            "trust": 1.2,
            "url": "https://access.redhat.com/security/vulnerabilities/3199382"
          },
          {
            "trust": 1.1,
            "url": "http://thekelleys.org.uk/dnsmasq/changelog"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1039474"
          },
          {
            "trust": 1.1,
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/bid/101977"
          },
          {
            "trust": 1.1,
            "url": "https://www.synology.com/support/security/synology_sa_17_59_dnsmasq"
          },
          {
            "trust": 1.1,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-005.txt"
          },
          {
            "trust": 1.1,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"
          },
          {
            "trust": 1.1,
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3ba=commit%3bh=897c113fda0886a28a986cc6ba17bb93bd6cb1c7"
          },
          {
            "trust": 1.1,
            "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14491"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14492"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14493"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14494"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14495"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14496"
          },
          {
            "trust": 0.9,
            "url": "http://www.thekelleys.org.uk/dnsmasq/changelog"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14491.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14492.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14493.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14494.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14495.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/kubernetes/kubernetes/blob/master/changelog.md"
          },
          {
            "trust": 0.9,
            "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2017\u0026m=slackware-security.601472"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495410"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495411"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495412"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495415"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495416"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495510"
          },
          {
            "trust": 0.9,
            "url": "https://access.redhat.com/security/cve/cve-2017-13704"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14496.py"
          },
          {
            "trust": 0.9,
            "url": "https://access.redhat.com/errata/rhsa-2017:2837"
          },
          {
            "trust": 0.8,
            "url": "https://www.ruckuswireless.com/security"
          },
          {
            "trust": 0.8,
            "url": "https://www.zyxel.com/support/announcement_dnsmasq_vulnerabilities.shtml"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14496"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu93453933/index.html"
          },
          {
            "trust": 0.6,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409bug1495409"
          },
          {
            "trust": 0.6,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-332-01"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14491"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14494"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14492"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14493"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14495"
          },
          {
            "trust": 0.3,
            "url": "http://subscriber.communications.siemens.com/"
          },
          {
            "trust": 0.3,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409 bug 1495409"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/191.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/introspection-libc/main"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/introspection-libc/safe-libc"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/bugs/1741262"
          },
          {
            "trust": 0.1,
            "url": "https://www.ubuntu.com/usn/usn-3430-3"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.76-5ubuntu0.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.75-1ubuntu0.16.04.3"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.68-1ubuntu0.2"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14495"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14493"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14492"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14491"
          },
          {
            "trust": 0.1,
            "url": "https://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14496"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14494"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14496"
          },
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008623"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-742"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14496"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14496"
          },
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008623"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-742"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14496"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "date": "2017-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14496"
          },
          {
            "date": "2017-11-28T00:00:00",
            "db": "BID",
            "id": "101977"
          },
          {
            "date": "2017-10-02T00:00:00",
            "db": "BID",
            "id": "101085"
          },
          {
            "date": "2017-10-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008623"
          },
          {
            "date": "2017-10-03T20:21:00",
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "date": "2017-10-03T05:19:24",
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "date": "2018-01-04T17:50:40",
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "date": "2017-10-02T13:13:00",
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "date": "2017-10-23T13:54:05",
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "date": "2017-09-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-742"
          },
          {
            "date": "2017-10-03T01:29:02.200000",
            "db": "NVD",
            "id": "CVE-2017-14496"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-02-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14496"
          },
          {
            "date": "2019-05-15T17:00:00",
            "db": "BID",
            "id": "101977"
          },
          {
            "date": "2017-10-02T00:00:00",
            "db": "BID",
            "id": "101085"
          },
          {
            "date": "2017-11-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008623"
          },
          {
            "date": "2020-10-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-742"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-14496"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "BID",
            "id": "101085"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Dnsmasq contains multiple vulnerabilities",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "digital error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-742"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0212

    Vulnerability from variot - Updated: 2025-04-20 22:05

    Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). There is an IGTK group key reloading vulnerability in the fourth handshake of the WPA2 wireless network. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).

    An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.

    For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.

    For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.

    For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.

    We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017

    wpa vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 17.04
    • Ubuntu 16.04 LTS
    • Ubuntu 14.04 LTS

    Summary:

    Several security issues were fixed in wpa_supplicant.

    Software Description: - wpa: client support for WPA and WPA2

    Details:

    Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1

    Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2

    Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5

    After a standard system update you need to reboot your computer to make all the necessary changes.

    References: https://www.ubuntu.com/usn/usn-3455-1 CVE-2016-4476, CVE-2016-4477, CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

    Package Information: https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1 https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2 https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5

    . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201711-03


                                           https://security.gentoo.org/
    

    Severity: Normal Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks Date: November 10, 2017 Bugs: #634436, #634438 ID: 201711-03


    Synopsis

    A flaw was discovered in the 4-way handshake in hostapd and wpa_supplicant that allows attackers to conduct a Man in the Middle attack.

    Background

    wpa_supplicant is a WPA Supplicant with support for WPA and WPA2 (IEEE 802.11i / RSN).

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-wireless/hostapd < 2.6-r1 >= 2.6-r1 2 net-wireless/wpa_supplicant < 2.6-r3 >= 2.6-r3 ------------------------------------------------------------------- 2 affected packages

    Description

    WiFi Protected Access (WPA and WPA2) and it's associated technologies are all vulnerable to the KRACK attacks. Please review the referenced CVE identifiers for details.

    Impact

    An attacker can carry out the KRACK attacks on a wireless network in order to gain access to network clients. Once achieved, the attacker can potentially harvest confidential information (e.g. HTTP/HTTPS), inject malware, or perform a myriad of other attacks.

    Workaround

    There is no known workaround at this time.

    Resolution

    All hostapd users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-wireless/hostapd-2.6-r1"

    All wpa_supplicant users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=net-wireless/wpa_supplicant-2.6-r3"

    References

    [ 1 ] CVE-2017-13077 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077 [ 2 ] CVE-2017-13078 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078 [ 3 ] CVE-2017-13079 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079 [ 4 ] CVE-2017-13080 .

    Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. This is the list of vulnerabilities that are addressed here: CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+

    Where to find the new packages: +-----------------------------+

    Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

    Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

    Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz

    Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz

    Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz

    Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz

    Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz

    MD5 signatures: +-------------+

    Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz

    Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz

    Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz

    Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz

    Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz

    Installation instructions: +------------------------+

    Upgrade the package as root:

    upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz

    +-----+

    Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

    +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    ============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project

    Topic: WPA2 protocol vulnerability

    Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

    1. Revision history

    v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.

    I.

    hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.

    II. Problem Description

    A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.

    III. Impact

    Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.

    IV. Workaround

    An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"

    and restart networking.

    An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    hostapd_program="/usr/local/sbin/hostapd"

    and restart hostapd.

    V. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    2) To update your vulnerable system via a binary patch:

    Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:

    freebsd-update fetch

    freebsd-update install

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    3) To update your vulnerable system via a source code patch:

    The following patches have been verified to apply to the applicable FreeBSD release branches.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    [FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc

    gpg --verify wpa-11.patch.asc

    [FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc

    gpg --verify wpa-10.patch.asc

    b) Apply the patch. Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    c) Recompile the operating system using buildworld and installworld as described in .

    Restart the applicable daemons, or reboot the system.

    VI. Correction details

    The following list contains the correction revision numbers for each affected branch.

    Branch/path Revision


    stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741


    To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:

    svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

    Or visit the following URL, replacing NNNNNN with the revision number:

    VII. References

    The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0212",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "linux enterprise point of sale",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "openstack cloud",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "6"
          },
          {
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.7"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "9front",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "adtran",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aerohive",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "alcatel lucent",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "android open source",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "arch linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aruba",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "barracuda",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "broadcom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cambium",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "centos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cradlepoint",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cypress semiconductor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dell",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "digi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "draytek",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "edimax computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "endian",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "espressif",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "extreme",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "f secure",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fedora",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hostap",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ipfire",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lancom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lede",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lifx",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lenovo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microchip",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mojo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nest",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opnsense",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "omnirom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "open mesh",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "peplink",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "riverbed",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rockwell automation",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "suse linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "samsung mobile",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sonos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sony",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sophos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "synology",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "tp link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "texas instruments",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba commerce",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba electronic devices storage",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba memory",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "turris omnia",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "volumio",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "watchguard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xiaomi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xirrus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zebra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dd wrt",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "eero",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pfsense",
            "version": null
          },
          {
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "model": "freebsd",
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "model": "linux enterprise desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise point of sale",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise server",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "openstack cloud",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "hostapd",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "wpa supplicant",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "edge gateway",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "model": "sr-m20ac1",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "sr-m20ac2",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "alliance wi-fi protected access 2",
            "scope": null,
            "trust": 0.6,
            "vendor": "wi fi",
            "version": null
          },
          {
            "model": "scalance w-700",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux desktop",
            "version": "12"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux server",
            "version": "11"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.1"
          },
          {
            "model": "pyxis supplystation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "sinamics smart access module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "v200"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.27.3264"
          },
          {
            "model": "meraki mr34",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ck71a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2.0"
          },
          {
            "model": "macbook air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18500"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.0"
          },
          {
            "model": "meraki mr26",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "28000"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr84",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "510x0"
          },
          {
            "model": "windows server r2 for itanium-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "contact itc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "81130"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.0.0"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr18",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.3"
          },
          {
            "model": "scalance w1750d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "secure ii med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "210x0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "aironet access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "wap371 wireless-ac n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "contact rad-80211-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "contact fl wlan dap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.25"
          },
          {
            "model": "pyxis medstation es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "wireless ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88210"
          },
          {
            "model": "pyxis stockstation system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "macbook",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.2"
          },
          {
            "model": "scalance wlc712",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "contact fl wlan spa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "meraki mr62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic et200 pro im154-6 pn iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "tropos broadband mesh routers and bridges",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "abb",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.2"
          },
          {
            "model": "meraki mr33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "micros handheld terminal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.2"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4.1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.6"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "110x0"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.4"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": "contact fl comserver wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "232/422/4850"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.8"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7."
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1.91.3272"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.9"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "230802-110"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.1"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.5"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18150"
          },
          {
            "model": "wireless client bridge 2.0.0.1-aruba501-b00",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.2"
          },
          {
            "model": "airport express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "clarity engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0"
          },
          {
            "model": "meraki mr30h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "windows server r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "contact bl2 bpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "watch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "4.0"
          },
          {
            "model": "ruggedcom rx1400",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "cn70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "pyxis parx handheld",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.40.100"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1.1"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "windows rt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.1"
          },
          {
            "model": "meraki mr42",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.6"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.3"
          },
          {
            "model": "wap561 wireless-n dual radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.26.3000"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6"
          },
          {
            "model": "tvos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2016"
          },
          {
            "model": "contact rad-whg/wlan-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.3"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.4.0"
          },
          {
            "model": "suremark printer 2nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.0.0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.8"
          },
          {
            "model": "windows server for x64-based systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "pyxis supply roller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.3"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3"
          },
          {
            "model": "telepresence collaboration endpoint",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2.61.3535"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "70xx0"
          },
          {
            "model": "imac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr72",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.25.3001"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2"
          },
          {
            "model": "meraki mr53",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "wap551 wireless-n single radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.0.0"
          },
          {
            "model": "wap121 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.5"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.0.1000"
          },
          {
            "model": "wireless client bridge 1.0.1.3-hp501-b0012",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "i.roc ci70-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.0.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1"
          },
          {
            "model": "cn70e-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.0.0.0"
          },
          {
            "model": "meraki mr24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "suremark printer 1nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "50xx0"
          },
          {
            "model": "meraki mr74",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.15"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.20"
          },
          {
            "model": "anyconnect secure mobility client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.1"
          },
          {
            "model": "systems esp32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "micros handheld terminal 2.03.0.0.021r",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "38000"
          },
          {
            "model": "pyxis parx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dx70",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1.9"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2141"
          },
          {
            "model": "pyxis anesthesia es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "aironet series officeextend access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18100"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.55.3000"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "model": "meraki mr66",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2131"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18300"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.0.50.1004"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.1.0"
          },
          {
            "model": "wap321 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic iwlan-pb/link",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "aironet 1810w series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "meraki mr52",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airmesh msr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.20"
          },
          {
            "model": "watchos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "model": "contact fl wlan ec",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.8"
          },
          {
            "model": "systems esp8266",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "pad-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.0.1205"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88610"
          },
          {
            "model": "clarity engine",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0.0.1"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15600"
          },
          {
            "model": "windows for 32-bit systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.5"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.8"
          },
          {
            "model": "windows for x64-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "meraki mr58",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.2"
          },
          {
            "model": "pyxis parassist system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "windows server for 32-bit systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "model": "simatic mobile panel 277 iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "pyxis medstation t2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.0.0"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "30xx0"
          },
          {
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.6"
          },
          {
            "model": "wireless client bridge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "5010"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.5"
          },
          {
            "model": "meraki mr11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.3"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.2"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "35000"
          },
          {
            "model": "automation stratix 15.3 jc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rockwell",
            "version": "5100"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "pyxis ciisafe workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "??0"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.0.0"
          },
          {
            "model": "ipad air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1.71.3608"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.41.3024"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "model": "dx80",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.0"
          },
          {
            "model": "contact bl2 ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "contact tpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "60130"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1"
          },
          {
            "model": "ck70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.20"
          },
          {
            "model": "macbook pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.8"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.5"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.4"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.3"
          },
          {
            "model": "tab-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "macmini",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.16"
          },
          {
            "model": "contact fl wlan epa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "airport time capsule",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "alliance wpa2 (wi-fi protected access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wi fi",
            "version": "2)0"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.9"
          },
          {
            "model": "scalance wlc711",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "ruggedcom rs9xxw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.15"
          },
          {
            "model": "networks unifi access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubiquiti",
            "version": "0"
          },
          {
            "model": "suremark printer 2cr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88650"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "asa 5506w-x w/ firepower services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.9"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3005"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.0.0.0"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2010"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "14.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "16.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "17.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "8.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "9.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux desktop",
            "version": "7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.7.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.7.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux point of sale",
            "version": "11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "12"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "openstack cloud",
            "version": "6"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "3ba265af-e434-4086-b786-5c33d3edb3dc"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30404"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009172"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-382"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13079"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:canonical:ubuntu",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:debian:debian_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:freebsd:freebsd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:opensuse_project:leap",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:suse_linux_enterprise_point_of_sale",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:suse:openstack_cloud",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:hostapd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:wpa_supplicant",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:nec:nec_edge_gateway",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009172"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
        "sources": [
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-382"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2017-13079",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "id": "CVE-2017-13079",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.9,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CNVD-2017-30404",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "3ba265af-e434-4086-b786-5c33d3edb3dc",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.6,
                "id": "CVE-2017-13079",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-13079",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-13079",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-30404",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201710-382",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "3ba265af-e434-4086-b786-5c33d3edb3dc",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-13079",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "3ba265af-e434-4086-b786-5c33d3edb3dc"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30404"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13079"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009172"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-382"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13079"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). There is an IGTK group key reloading vulnerability in the fourth handshake of the WPA2 wireless network. WPA2  is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n  hostapd                         2.4-0ubuntu9.1\n  wpasupplicant                   2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n  hostapd                         2.4-0ubuntu6.2\n  wpasupplicant                   2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n  hostapd                         2.1-0ubuntu1.5\n  wpasupplicant                   2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nReferences:\n  https://www.ubuntu.com/usn/usn-3455-1\n  CVE-2016-4476, CVE-2016-4477, CVE-2017-13077, CVE-2017-13078,\n  CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n  CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nPackage Information:\n  https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1\n  https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2\n  https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201711-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK)\n           attacks\n     Date: November 10, 2017\n     Bugs: #634436, #634438\n       ID: 201711-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA flaw was discovered in the 4-way handshake in hostapd and\nwpa_supplicant that allows attackers to conduct a Man in the Middle\nattack. \n\nBackground\n==========\n\nwpa_supplicant is a WPA Supplicant with support for WPA and WPA2 (IEEE\n802.11i / RSN). \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-wireless/hostapd         \u003c 2.6-r1                  \u003e= 2.6-r1 \n  2  net-wireless/wpa_supplicant\n                                  \u003c 2.6-r3                  \u003e= 2.6-r3 \n    -------------------------------------------------------------------\n     2 affected packages\n\nDescription\n===========\n\nWiFi Protected Access (WPA and WPA2) and it\u0027s associated technologies\nare all vulnerable to the KRACK attacks. Please review the referenced\nCVE identifiers for details. \n\nImpact\n======\n\nAn attacker can carry out the KRACK attacks on a wireless network in\norder to gain access to network clients. Once achieved, the attacker\ncan potentially harvest confidential information (e.g. HTTP/HTTPS),\ninject malware, or perform a myriad of other attacks. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll hostapd users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-wireless/hostapd-2.6-r1\"\n\nAll wpa_supplicant users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=net-wireless/wpa_supplicant-2.6-r3\"\n\nReferences\n==========\n\n[  1 ] CVE-2017-13077\n       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077\n[  2 ] CVE-2017-13078\n       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078\n[  3 ] CVE-2017-13079\n       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079\n[  4 ] CVE-2017-13080\n. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz:  Upgraded. \n  This update includes patches to mitigate the WPA2 protocol issues known\n  as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n  hijack TCP connections, and to forge and inject packets. This is the\n  list of vulnerabilities that are addressed here:\n  CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the\n    4-way handshake. \n  CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n    Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n    while processing it. \n  CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. \n  CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)\n    PeerKey (TPK) key in the TDLS handshake. \n  For more information, see:\n    https://www.krackattacks.com/\n    https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019  wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825  wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0  wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352  wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185  wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4  wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe  n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160  n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa                                        Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          WPA2 protocol vulnerability\n\nCategory:       contrib\nModule:         wpa\nAnnounced:      2017-10-16\nCredits:        Mathy Vanhoef\nAffects:        All supported versions of FreeBSD. \nCorrected:      2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n                2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n                2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n                2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n                2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n                2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name:       CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n                CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n                CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0.   Revision history\n\nv1.0  2017-10-17 Initial release. \nv1.1  2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII.  Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV.  Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch.  Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI.  Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path                                                      Revision\n- -------------------------------------------------------------------------\nstable/11/                                                        r324697\nreleng/11.0/                                                      r324698\nreleng/11.1/                                                      r324699\nstable/10/                                                        r324739\nreleng/10.3/                                                      r324740\nreleng/10.4/                                                      r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13079"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009172"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30404"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "IVD",
            "id": "3ba265af-e434-4086-b786-5c33d3edb3dc"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13079"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          }
        ],
        "trust": 3.87
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "trust": 4.2
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13079",
            "trust": 4.1
          },
          {
            "db": "BID",
            "id": "101274",
            "trust": 2.6
          },
          {
            "db": "LENOVO",
            "id": "LEN-17420",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1039578",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039581",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039585",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039573",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039576",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039577",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-901333",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-005",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-18-114-01",
            "trust": 1.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-19-029-01",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-353-02",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-01",
            "trust": 1.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30404",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-382",
            "trust": 0.8
          },
          {
            "db": "JUNIPER",
            "id": "JSA10827",
            "trust": 0.8
          },
          {
            "db": "DLINK",
            "id": "SAP10075",
            "trust": 0.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02A",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU90609033",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009172",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.4125",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-299-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-325-01",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "3BA265AF-E434-4086-B786-5C33D3EDB3DC",
            "trust": 0.2
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13079",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144630",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144632",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144944",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144663",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144669",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "3ba265af-e434-4086-b786-5c33d3edb3dc"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30404"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13079"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009172"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-382"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13079"
          }
        ]
      },
      "id": "VAR-201710-0212",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "3ba265af-e434-4086-b786-5c33d3edb3dc"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30404"
          }
        ],
        "trust": 1.400319345
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "3ba265af-e434-4086-b786-5c33d3edb3dc"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30404"
          }
        ]
      },
      "last_update_date": "2025-04-20T22:05:13.373000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "ARUBA-PSA-2017-007",
            "trust": 0.8,
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "title": "DSA-3999",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3999"
          },
          {
            "title": "FreeBSD-SA-17:07.wpa",
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "title": "LEN-17420",
            "trust": 0.8,
            "url": "https://support.lenovo.com/jp/en/product_security/len-17420"
          },
          {
            "title": "NV17-024",
            "trust": 0.8,
            "url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
          },
          {
            "title": "SUSE-SU-2017:2745",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "title": "SUSE-SU-2017:2752",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "title": "openSUSE-SU-2017:2755",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "title": "USN-3455-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3455-1/"
          },
          {
            "title": "WPA packet number reuse with replayed messages and key reinstallation",
            "trust": 0.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
          },
          {
            "title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.iodata.jp/support/information/2017/wpa2/"
          },
          {
            "title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/info/20171110/"
          },
          {
            "title": "Patch for WPA2 Wireless Network IGTK Group Key Reload Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/103820"
          },
          {
            "title": "Multiple WiFi product WPA2 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75496"
          },
          {
            "title": "The Register",
            "trust": 0.2,
            "url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
          },
          {
            "title": "The Register",
            "trust": 0.2,
            "url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
          },
          {
            "title": "Red Hat: CVE-2017-13079",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2017-13079"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-13079"
          },
          {
            "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03574 rev. 2 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=8d6572a049179153e7106f494e1a3bca"
          },
          {
            "title": "Debian CVElist Bug Report Logs: firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=2e0affd9108e95fa2aa2c706c74cd8a9"
          },
          {
            "title": "Ubuntu Security Notice: wpa vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3455-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
          },
          {
            "title": "HP: HPSBPI03574 rev. 1 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBPI03574"
          },
          {
            "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHP Printing Security Advisory - KRACK Attacks Potential Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=159d2d394e685e849c1feb8bd9a2f58e"
          },
          {
            "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03574 rev. 2 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=5acd9ad059fdc01fe064c5234e076a80"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-23"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-22"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
          },
          {
            "title": "KRACK",
            "trust": 0.1,
            "url": "https://github.com/chinatso/KRACK "
          },
          {
            "title": "krackinfo",
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/merlinepedra/KRACK "
          },
          {
            "title": "nixos-issue-db-example",
            "trust": 0.1,
            "url": "https://github.com/andir/nixos-issue-db-example "
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-30404"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13079"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009172"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-382"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-323",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-330",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-254",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009172"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13079"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.7,
            "url": "https://www.krackattacks.com/"
          },
          {
            "trust": 3.3,
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "trust": 2.9,
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "trust": 2.8,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "trust": 2.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
          },
          {
            "trust": 2.5,
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "trust": 2.5,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "trust": 1.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-3455-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039585"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "trust": 1.7,
            "url": "https://support.lenovo.com/us/en/product_security/len-17420"
          },
          {
            "trust": 1.7,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "trust": 1.7,
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "trust": 1.7,
            "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03792en_us"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "trust": 1.7,
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
          },
          {
            "trust": 1.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
          },
          {
            "trust": 1.2,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
          },
          {
            "trust": 1.1,
            "url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
          },
          {
            "trust": 1.1,
            "url": "https://w1.fi/security/2017-1/"
          },
          {
            "trust": 1.1,
            "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
          },
          {
            "trust": 1.1,
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
          },
          {
            "trust": 0.8,
            "url": "https://cwe.mitre.org/data/definitions/323.html"
          },
          {
            "trust": 0.8,
            "url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
          },
          {
            "trust": 0.8,
            "url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.al-enterprise.com/en/support/security-alert-krack"
          },
          {
            "trust": 0.8,
            "url": "https://support.apple.com/en-gb/ht208222"
          },
          {
            "trust": 0.8,
            "url": "https://security.archlinux.org/avg-447"
          },
          {
            "trust": 0.8,
            "url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
          },
          {
            "trust": 0.8,
            "url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
          },
          {
            "trust": 0.8,
            "url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
          },
          {
            "trust": 0.8,
            "url": "https://community.cypress.com/docs/doc-13871"
          },
          {
            "trust": 0.8,
            "url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
          },
          {
            "trust": 0.8,
            "url": "http://www.dell.com/support/article/sln307822"
          },
          {
            "trust": 0.8,
            "url": "https://github.com/espressif/esp8266_nonos_sdk"
          },
          {
            "trust": 0.8,
            "url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
          },
          {
            "trust": 0.8,
            "url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
          },
          {
            "trust": 0.8,
            "url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
          },
          {
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 0.8,
            "url": "https://bugs.gentoo.org/634440"
          },
          {
            "trust": 0.8,
            "url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
          },
          {
            "trust": 0.8,
            "url": "https://kb.juniper.net/jsa10827"
          },
          {
            "trust": 0.8,
            "url": "https://support.lenovo.com/ca/en/product_security/len-17420"
          },
          {
            "trust": 0.8,
            "url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
          },
          {
            "trust": 0.8,
            "url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
          },
          {
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
          },
          {
            "trust": 0.8,
            "url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
          },
          {
            "trust": 0.8,
            "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
          },
          {
            "trust": 0.8,
            "url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
          },
          {
            "trust": 0.8,
            "url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
          },
          {
            "trust": 0.8,
            "url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
          },
          {
            "trust": 0.8,
            "url": "https://community.sophos.com/kb/en-us/127658"
          },
          {
            "trust": 0.8,
            "url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
          },
          {
            "trust": 0.8,
            "url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
          },
          {
            "trust": 0.8,
            "url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
          },
          {
            "trust": 0.8,
            "url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
          },
          {
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "trust": 0.8,
            "url": "http://en.miui.com/thread-954223-1-1.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
          },
          {
            "trust": 0.8,
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
          },
          {
            "trust": 0.8,
            "url": "https://community.rsa.com/docs/doc-84103"
          },
          {
            "trust": 0.8,
            "url": "https://support.f5.com/csp/article/k23642330"
          },
          {
            "trust": 0.8,
            "url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
          },
          {
            "trust": 0.8,
            "url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
          },
          {
            "trust": 0.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
          },
          {
            "trust": 0.8,
            "url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu90609033/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
          },
          {
            "trust": 0.6,
            "url": "https://www.kb.cert.org/vuls/id/228519/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13079"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
          },
          {
            "trust": 0.3,
            "url": "http://www.wi-fi.org/index.php"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-ie/ht208847"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208334"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208327"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208325"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13077"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13078"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13080"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13081"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13082"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13084"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13086"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13087"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13088"
          },
          {
            "trust": 0.3,
            "url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/330.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13078"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13077"
          },
          {
            "trust": 0.1,
            "url": "https://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/gpg-key"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://osuosl.org)"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://www.krackattacks.com/\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
          },
          {
            "trust": 0.1,
            "url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30404"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13079"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009172"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-382"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13079"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "3ba265af-e434-4086-b786-5c33d3edb3dc"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30404"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13079"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009172"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-382"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13079"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-17T00:00:00",
            "db": "IVD",
            "id": "3ba265af-e434-4086-b786-5c33d3edb3dc"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30404"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13079"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2017-11-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009172"
          },
          {
            "date": "2017-10-16T13:49:34",
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "date": "2017-10-16T23:23:00",
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "date": "2017-11-10T19:19:00",
            "db": "PACKETSTORM",
            "id": "144944"
          },
          {
            "date": "2017-10-18T20:44:00",
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "date": "2017-10-19T14:28:55",
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-382"
          },
          {
            "date": "2017-10-17T13:29:00.367000",
            "db": "NVD",
            "id": "CVE-2017-13079"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30404"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13079"
          },
          {
            "date": "2019-02-21T09:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2019-02-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009172"
          },
          {
            "date": "2020-11-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-382"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-13079"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-382"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-382"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-1267

    Vulnerability from variot - Updated: 2025-04-20 21:39

    In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Multiple Siemens SCALANCE Products are prone to the following security vulnerabilities: 1. A buffer-overflow vulnerability 2. Multiple denial-of-service vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device or cause a denial-of-service condition. This BID is being retired as a duplicate of BID 101085 Dnsmasq VU#973527 Multiple Security Vulnerabilities

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-1267",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "fedoraproject",
            "version": "27"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "novell",
            "version": "42.2"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "7.0"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "novell",
            "version": "42.3"
          },
          {
            "model": "dnsmasq",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "thekelleys",
            "version": "2.77"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "7.1"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "thekelleys",
            "version": "2.77"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dnsmasq",
            "version": null
          },
          {
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "model": "fedora",
            "scope": null,
            "trust": 0.8,
            "vendor": "fedora",
            "version": null
          },
          {
            "model": "dnsmasq",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "thekelleys",
            "version": "2.78"
          },
          {
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux workstation",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server year extended update support",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "redhat",
            "version": "-47.4"
          },
          {
            "model": "scalance w1750d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "scalance s615",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "scalance m800",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "17.04"
          },
          {
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "16.04"
          },
          {
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "14.04"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.2.2"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.75"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.72"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.71"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.70"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.7"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.65"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.64"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.63"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.62"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.61"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.60"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.59"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.58"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.57"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.56"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.55"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.54"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.53"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.52"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.51"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.50"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.49"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.48"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.47"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.46"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.45"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.44"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.43"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.42"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.41"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.40"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.4"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.38"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.37"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.36"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.35"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.34"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.33"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.30"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.29"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.28"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.27"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.26"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.25"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.24"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.23"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.22"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.21"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.20"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.2"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.19"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.18"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.17"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.16"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.15"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.14"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.13"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.12"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.11"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.10"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.9"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.8"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.5"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.4"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.3"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.18"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.17"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.16"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.15"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.14"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.13"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.12"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.11"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.10"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.0"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.996"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.992"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.98"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.96"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.95"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.7"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.5"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.4"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.37"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "model": "enterprise linux workstation optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux workstation optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.4"
          },
          {
            "model": "enterprise linux server optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server for arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux server eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.4"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.2"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server extended update suppor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server year extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-47.2"
          },
          {
            "model": "enterprise linux server year extended upd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-47.3"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "enterprise linux long life server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5.9"
          },
          {
            "model": "enterprise linux hpc node optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power little endian extended update suppo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for power little endian extended update suppo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux desktop optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux computenode optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux computenode optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux computenode optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux computenode eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux computenode eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux computenode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7.6"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6.10"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5.7"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.2"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.1.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.2"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.4.4"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-30",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "7"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "6"
          },
          {
            "model": "dnsmasq",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.78"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.8"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7.7"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6.11"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5.8"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008617"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1115"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13704"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:canonical:ubuntu",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:debian:debian_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:fedoraproject:fedora",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:thekelleys:dnsmasq",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_workstation",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008617"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Gabriel Campana, Kevin Hamacher and Ron Bowes of the Google Security Team,Felix Wilhelm, Fermin J. Serna",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1115"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2017-13704",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2017-13704",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-13704",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-13704",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-13704",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201708-1115",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-13704",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-13704"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008617"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1115"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13704"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero\u0027s (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Multiple Siemens SCALANCE Products are prone to the following security vulnerabilities:\n1. A buffer-overflow vulnerability\n2. Multiple denial-of-service vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the  context of affected device or cause a denial-of-service condition. \nThis BID is being retired as a duplicate of BID 101085 Dnsmasq VU#973527 Multiple Security Vulnerabilities",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13704"
          },
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008617"
          },
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13704"
          }
        ],
        "trust": 2.97
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-13704",
            "trust": 3.1
          },
          {
            "db": "CERT/CC",
            "id": "VU#973527",
            "trust": 2.5
          },
          {
            "db": "BID",
            "id": "101085",
            "trust": 2.0
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-332-01",
            "trust": 2.0
          },
          {
            "db": "BID",
            "id": "101977",
            "trust": 1.4
          },
          {
            "db": "SECTRACK",
            "id": "1039474",
            "trust": 1.1
          },
          {
            "db": "SIEMENS",
            "id": "SSA-689071",
            "trust": 1.1
          },
          {
            "db": "JVN",
            "id": "JVNVU93453933",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008617",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1115",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13704",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13704"
          },
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008617"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1115"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13704"
          }
        ]
      },
      "id": "VAR-201710-1267",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.25396827
      },
      "last_update_date": "2025-04-20T21:39:33.983000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FEDORA-2017-274d763ed8",
            "trust": 0.8,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/"
          },
          {
            "title": "CHANGELOG",
            "trust": 0.8,
            "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG"
          },
          {
            "title": "Fix CVE-2017-13704, which resulted in a crash on a large DNS query.",
            "trust": 0.8,
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928"
          },
          {
            "title": "USN-3430-2",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3430-2/"
          },
          {
            "title": "USN-3430-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3430-1/"
          },
          {
            "title": "dnsmasq: Multiple Critical and Important vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/3199382"
          },
          {
            "title": "Dnsmasq Enter the fix for the verification vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92838"
          },
          {
            "title": "Debian CVElist Bug Report Logs: dnsmasq: CVE-2017-13704: Size parameter overflow via large DNS query",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=fa8aad66cae5df51d49e1cdce2fe4a42"
          },
          {
            "title": "Red Hat: CVE-2017-13704",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2017-13704"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=7f490a104360d6f65bee18ec7bfa18a3"
          },
          {
            "title": "Brocade Security Advisories: BSA-2017-455",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories\u0026qid=f173c512f0a725c451f45840ccf64e99"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6283337cd31f81f24d445925f2138c0e"
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/google-warns-of-dos-and-rce-bugs-in-dnsmasq/128238/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-13704"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008617"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1115"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-191",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008617"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13704"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.8,
            "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
          },
          {
            "trust": 2.3,
            "url": "http://www.securityfocus.com/bid/101085"
          },
          {
            "trust": 2.0,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-332-01"
          },
          {
            "trust": 1.7,
            "url": "http://www.thekelleys.org.uk/dnsmasq/doc.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.kb.cert.org/vuls/id/973527"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/bid/101977"
          },
          {
            "trust": 1.1,
            "url": "http://thekelleys.org.uk/dnsmasq/changelog"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1039474"
          },
          {
            "trust": 1.1,
            "url": "https://access.redhat.com/security/vulnerabilities/3199382"
          },
          {
            "trust": 1.1,
            "url": "https://www.synology.com/support/security/synology_sa_17_59_dnsmasq"
          },
          {
            "trust": 1.1,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-13704"
          },
          {
            "trust": 1.0,
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3ba=commit%3bh=63437ffbb58837b214b4b92cb1c54bc5f3279928"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4tk6dwc53wsu6633evzl7h4pcwbyhmhk/"
          },
          {
            "trust": 1.0,
            "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"
          },
          {
            "trust": 1.0,
            "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"
          },
          {
            "trust": 0.9,
            "url": "http://www.thekelleys.org.uk/dnsmasq/changelog"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14491.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14492.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14493.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14494.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14495.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/kubernetes/kubernetes/blob/master/changelog.md"
          },
          {
            "trust": 0.9,
            "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2017\u0026m=slackware-security.601472"
          },
          {
            "trust": 0.9,
            "url": "https://source.android.com/security/bulletin/2017-10-01"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495410"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495411"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495412"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495415"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495416"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495510"
          },
          {
            "trust": 0.9,
            "url": "https://access.redhat.com/security/cve/cve-2017-14491"
          },
          {
            "trust": 0.9,
            "url": "https://access.redhat.com/security/cve/cve-2017-14492"
          },
          {
            "trust": 0.9,
            "url": "https://access.redhat.com/security/cve/cve-2017-14493"
          },
          {
            "trust": 0.9,
            "url": "https://access.redhat.com/security/cve/cve-2017-14494"
          },
          {
            "trust": 0.9,
            "url": "https://access.redhat.com/security/cve/cve-2017-14495"
          },
          {
            "trust": 0.9,
            "url": "https://access.redhat.com/security/cve/cve-2017-14496"
          },
          {
            "trust": 0.9,
            "url": "https://www.debian.org/security/2017/dsa-3989"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14496.py"
          },
          {
            "trust": 0.9,
            "url": "https://access.redhat.com/errata/rhsa-2017:2836"
          },
          {
            "trust": 0.9,
            "url": "https://access.redhat.com/errata/rhsa-2017:2837"
          },
          {
            "trust": 0.8,
            "url": "https://www.ruckuswireless.com/security"
          },
          {
            "trust": 0.8,
            "url": "https://www.zyxel.com/support/announcement_dnsmasq_vulnerabilities.shtml"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13704"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu93453933/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13704"
          },
          {
            "trust": 0.6,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409bug1495409"
          },
          {
            "trust": 0.6,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-332-01"
          },
          {
            "trust": 0.3,
            "url": "http://subscriber.communications.siemens.com/"
          },
          {
            "trust": 0.3,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409 bug 1495409"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/20.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html"
          },
          {
            "trust": 0.1,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4tk6dwc53wsu6633evzl7h4pcwbyhmhk/"
          },
          {
            "trust": 0.1,
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877102"
          },
          {
            "trust": 0.1,
            "url": "https://threatpost.com/google-warns-of-dos-and-rce-bugs-in-dnsmasq/128238/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13704"
          },
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008617"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1115"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13704"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13704"
          },
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008617"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1115"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13704"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "date": "2017-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13704"
          },
          {
            "date": "2017-11-28T00:00:00",
            "db": "BID",
            "id": "101977"
          },
          {
            "date": "2017-10-02T00:00:00",
            "db": "BID",
            "id": "101085"
          },
          {
            "date": "2017-10-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008617"
          },
          {
            "date": "2017-08-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-1115"
          },
          {
            "date": "2017-10-03T01:29:01.637000",
            "db": "NVD",
            "id": "CVE-2017-13704"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-02-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "date": "2018-05-11T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13704"
          },
          {
            "date": "2019-05-15T17:00:00",
            "db": "BID",
            "id": "101977"
          },
          {
            "date": "2017-10-02T00:00:00",
            "db": "BID",
            "id": "101085"
          },
          {
            "date": "2017-11-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008617"
          },
          {
            "date": "2020-10-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-1115"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-13704"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "BID",
            "id": "101085"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Dnsmasq contains multiple vulnerabilities",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Input Validation Error",
        "sources": [
          {
            "db": "BID",
            "id": "101977"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1115"
          }
        ],
        "trust": 0.9
      }
    }

    VAR-201710-0450

    Vulnerability from variot - Updated: 2025-04-20 21:20

    dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Contains an information disclosure vulnerability.Information may be obtained. Attackers can exploit these issues to execute arbitrary code within the context of the affected application, bypass the ASLR, gain sensitive information, or cause a denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: dnsmasq security update Advisory ID: RHSA-2017:2836-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2836 Issue date: 2017-10-02 CVE Names: CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 =====================================================================

    1. Summary:

    An update for dnsmasq is now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

    1. Description:

    The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.

    Security Fix(es):

    • A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. (CVE-2017-14491)

    • A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement (RA) handling code. An attacker on the local network segment could send crafted RAs to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless. (CVE-2017-14492)

    • A stack buffer overflow was found in dnsmasq in the DHCPv6 code. An attacker on the local network could send a crafted DHCPv6 request to dnsmasq which would cause it to a crash or, potentially, execute arbitrary code. (CVE-2017-14493)

    • An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local network could send crafted DHCPv6 packets to dnsmasq causing it to forward the contents of process memory, potentially leaking sensitive data. (CVE-2017-14494)

    • A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory allocations which would never be freed, leading to unbounded memory consumption and eventually a crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. (CVE-2017-14495)

    • An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. (CVE-2017-14496)

    Red Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. Serna (Google Security Team), Gabriel Campana (Google Security Team), Kevin Hamacher (Google Security Team), and Ron Bowes (Google Security Team) for reporting these issues.

    1. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies 1495410 - CVE-2017-14492 dnsmasq: heap overflow in the IPv6 router advertisement code 1495411 - CVE-2017-14493 dnsmasq: stack buffer overflow in the DHCPv6 code 1495412 - CVE-2017-14494 dnsmasq: information leak in the DHCPv6 relay code 1495415 - CVE-2017-14495 dnsmasq: memory exhaustion vulnerability in the EDNS0 code 1495416 - CVE-2017-14496 dnsmasq: integer underflow leading to buffer over-read in the EDNS0 code

    1. Package List:

    Red Hat Enterprise Linux Client (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Client Optional (v. 7):

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode Optional (v. 7):

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    aarch64: dnsmasq-2.76-2.el7_4.2.aarch64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm

    ppc64: dnsmasq-2.76-2.el7_4.2.ppc64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm

    ppc64le: dnsmasq-2.76-2.el7_4.2.ppc64le.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm

    s390x: dnsmasq-2.76-2.el7_4.2.s390x.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Server Optional (v. 7):

    aarch64: dnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm dnsmasq-utils-2.76-2.el7_4.2.aarch64.rpm

    ppc64: dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm dnsmasq-utils-2.76-2.el7_4.2.ppc64.rpm

    ppc64le: dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm dnsmasq-utils-2.76-2.el7_4.2.ppc64le.rpm

    s390x: dnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm dnsmasq-utils-2.76-2.el7_4.2.s390x.rpm

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Workstation Optional (v. 7):

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2017-14491 https://access.redhat.com/security/cve/CVE-2017-14492 https://access.redhat.com/security/cve/CVE-2017-14493 https://access.redhat.com/security/cve/CVE-2017-14494 https://access.redhat.com/security/cve/CVE-2017-14495 https://access.redhat.com/security/cve/CVE-2017-14496 https://access.redhat.com/security/updates/classification/#critical https://access.redhat.com/security/vulnerabilities/3199382

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iD8DBQFZ0opYXlSAg2UNWIIRAr0dAJ9rIL1FgNTJUf2I9jjKFFlfkCd/kwCfV+bX SfoCV7+qG2nwqlHKLZOlhIU= =iWfU -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . =========================================================================== Ubuntu Security Notice USN-3430-3 January 04, 2018

    dnsmasq regression

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 12.04 ESM

    Summary:

    USN-3430-2 introduced regression in Dnsmasq.

    Software Description: - dnsmasq: Small caching DNS proxy and DHCP/TFTP server

    Details:

    USN-3430-2 fixed several vulnerabilities. The update introduced a new regression that breaks DNS resolution. This update addresses the problem.

    We apologize for the inconvenience.

    Original advisory details:

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14491)

    Felix Wilhelm, Fermin J. (CVE-2017-14492)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 requests. (CVE-2017-14493)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this issue to cause Dnsmasq to consume memory, resulting in a denial of service. (CVE-2017-14495)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service. (CVE-2017-14496)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 12.04 ESM: dnsmasq=C2=A02.59-4ubuntu0.4 dnsmasq-base2.59-4ubuntu0.4 dnsmasq-utils2.59-4ubuntu0.4

    After a standard system update you need to reboot your computer to make all the necessary changes. 7.3) - ppc64, ppc64le, s390x, x86_64


    1. Gentoo Linux Security Advisory GLSA 201710-27

                                           https://security.gentoo.org/
    

    Severity: Normal Title: Dnsmasq: Multiple vulnerabilities Date: October 23, 2017 Bugs: #632692 ID: 201710-27


    Synopsis

    Multiple vulnerabilities have been found in Dnsmasq, the worst of which may allow remote attackers to execute arbitrary code.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-dns/dnsmasq < 2.78 >= 2.78

    Description

    Multiple vulnerabilities have been discovered in Dnsmasq.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Dnsmasq users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.78"

    References

    [ 1 ] CVE-2017-14491 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491 [ 2 ] CVE-2017-14492 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492 [ 3 ] CVE-2017-14493 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493 [ 4 ] CVE-2017-14494 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494 [ 5 ] CVE-2017-14495 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495 [ 6 ] CVE-2017-14496 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    https://security.gentoo.org/glsa/201710-27

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0450",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "novell",
            "version": "42.2"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "7.0"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "novell",
            "version": "42.3"
          },
          {
            "model": "dnsmasq",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "thekelleys",
            "version": "2.77"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "7.1"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "thekelleys",
            "version": "2.77"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dnsmasq",
            "version": null
          },
          {
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "model": "dnsmasq",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "thekelleys",
            "version": "2.78"
          },
          {
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux workstation",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server year extended update support",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "redhat",
            "version": "-47.4"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "17.04"
          },
          {
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "16.04"
          },
          {
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "14.04"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.2.2"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.75"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.72"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.71"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.70"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.7"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.65"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.64"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.63"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.62"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.61"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.60"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.59"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.58"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.57"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.56"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.55"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.54"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.53"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.52"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.51"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.50"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.49"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.48"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.47"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.46"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.45"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.44"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.43"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.42"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.41"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.40"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.4"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.38"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.37"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.36"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.35"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.34"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.33"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.30"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.29"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.28"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.27"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.26"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.25"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.24"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.23"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.22"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.21"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.20"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.2"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.19"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.18"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.17"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.16"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.15"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.14"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.13"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.12"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.11"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.10"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.9"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.8"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.5"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.4"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.3"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.18"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.17"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.16"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.15"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.14"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.13"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.12"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.11"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.10"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.0"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.996"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.992"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.98"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.96"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.95"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.7"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.5"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.4"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.37"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "model": "enterprise linux workstation optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux workstation optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.4"
          },
          {
            "model": "enterprise linux server optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server for arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux server eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.4"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.2"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server extended update suppor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server year extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-47.2"
          },
          {
            "model": "enterprise linux server year extended upd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-47.3"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "enterprise linux long life server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5.9"
          },
          {
            "model": "enterprise linux hpc node optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power little endian extended update suppo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for power little endian extended update suppo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux desktop optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux computenode optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux computenode optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux computenode optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux computenode eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux computenode eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux computenode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7.6"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6.10"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5.7"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.2"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.1.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.2"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.4.4"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fedoraproject",
            "version": "27"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-30",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "7"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "6"
          },
          {
            "model": "dnsmasq",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.78"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.8"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7.7"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6.11"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5.8"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008621"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-744"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14494"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:canonical:ubuntu",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:debian:debian_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:opensuse_project:leap",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:thekelleys:dnsmasq",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_workstation",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008621"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Gabriel Campana, Kevin Hamacher and Ron Bowes of the Google Security Team,Felix Wilhelm, Fermin J. Serna",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-744"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2017-14494",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-14494",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.2,
                "id": "CVE-2017-14494",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-14494",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-14494",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201709-744",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-14494",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008621"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-744"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14494"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Contains an information disclosure vulnerability.Information may be obtained. \nAttackers can exploit these issues to execute arbitrary code within  the context of the affected application, bypass the ASLR, gain sensitive  information, or cause a denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: dnsmasq security update\nAdvisory ID:       RHSA-2017:2836-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:2836\nIssue date:        2017-10-02\nCVE Names:         CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 \n                   CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 \n=====================================================================\n\n1. Summary:\n\nAn update for dnsmasq is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name\nServer) forwarder and DHCP (Dynamic Host Configuration Protocol) server. \n\nSecurity Fix(es):\n\n* A heap buffer overflow was found in dnsmasq in the code responsible for\nbuilding DNS replies. An attacker could send crafted DNS packets to dnsmasq\nwhich would cause it to crash or, potentially, execute arbitrary code. \n(CVE-2017-14491)\n\n* A heap buffer overflow was discovered in dnsmasq in the IPv6 router\nadvertisement (RA) handling code. An attacker on the local network segment\ncould send crafted RAs to dnsmasq which would cause it to crash or,\npotentially, execute arbitrary code. This issue only affected\nconfigurations using one of these options: enable-ra, ra-only, slaac,\nra-names, ra-advrouter, or ra-stateless. (CVE-2017-14492)\n\n* A stack buffer overflow was found in dnsmasq in the DHCPv6 code. An\nattacker on the local network could send a crafted DHCPv6 request to\ndnsmasq which would cause it to a crash or, potentially, execute arbitrary\ncode. (CVE-2017-14493)\n\n* An information leak was found in dnsmasq in the DHCPv6 relay code. An\nattacker on the local network could send crafted DHCPv6 packets to dnsmasq\ncausing it to forward the contents of process memory, potentially leaking\nsensitive data. (CVE-2017-14494)\n\n* A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An\nattacker could send crafted DNS packets which would trigger memory\nallocations which would never be freed, leading to unbounded memory\nconsumption and eventually a crash. This issue only affected configurations\nusing one of the options: add-mac, add-cpe-id, or add-subnet. \n(CVE-2017-14495)\n\n* An integer underflow flaw leading to a buffer over-read was found in\ndnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to\ndnsmasq which would cause it to crash. This issue only affected\nconfigurations using one of the options: add-mac, add-cpe-id, or\nadd-subnet. (CVE-2017-14496)\n\nRed Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. \nSerna (Google Security Team), Gabriel Campana (Google Security Team), Kevin\nHamacher (Google Security Team), and Ron Bowes (Google Security Team) for\nreporting these issues. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies\n1495410 - CVE-2017-14492 dnsmasq: heap overflow in the IPv6 router advertisement code\n1495411 - CVE-2017-14493 dnsmasq: stack buffer overflow in the DHCPv6 code\n1495412 - CVE-2017-14494 dnsmasq: information leak in the DHCPv6 relay code\n1495415 - CVE-2017-14495 dnsmasq: memory exhaustion vulnerability in the EDNS0 code\n1495416 - CVE-2017-14496 dnsmasq: integer underflow leading to buffer over-read in the EDNS0 code\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\naarch64:\ndnsmasq-2.76-2.el7_4.2.aarch64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm\n\nppc64:\ndnsmasq-2.76-2.el7_4.2.ppc64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm\n\nppc64le:\ndnsmasq-2.76-2.el7_4.2.ppc64le.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm\n\ns390x:\ndnsmasq-2.76-2.el7_4.2.s390x.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\naarch64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.aarch64.rpm\n\nppc64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.ppc64.rpm\n\nppc64le:\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm\ndnsmasq-utils-2.76-2.el7_4.2.ppc64le.rpm\n\ns390x:\ndnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm\ndnsmasq-utils-2.76-2.el7_4.2.s390x.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-14491\nhttps://access.redhat.com/security/cve/CVE-2017-14492\nhttps://access.redhat.com/security/cve/CVE-2017-14493\nhttps://access.redhat.com/security/cve/CVE-2017-14494\nhttps://access.redhat.com/security/cve/CVE-2017-14495\nhttps://access.redhat.com/security/cve/CVE-2017-14496\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://access.redhat.com/security/vulnerabilities/3199382\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFZ0opYXlSAg2UNWIIRAr0dAJ9rIL1FgNTJUf2I9jjKFFlfkCd/kwCfV+bX\nSfoCV7+qG2nwqlHKLZOlhIU=\n=iWfU\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n===========================================================================\nUbuntu Security Notice USN-3430-3\nJanuary 04, 2018\n\ndnsmasq regression\n===========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 ESM\n\nSummary:\n\nUSN-3430-2 introduced regression in Dnsmasq. \n\nSoftware Description:\n- dnsmasq: Small caching DNS proxy and DHCP/TFTP server\n\nDetails:\n\nUSN-3430-2 fixed several vulnerabilities. The update introduced a new\nregression that breaks DNS resolution. This update addresses the\nproblem. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. \n(CVE-2017-14491)\n\nFelix Wilhelm, Fermin J. (CVE-2017-14492)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DHCPv6 requests. \n(CVE-2017-14493)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. A remote\nattacker could use this issue to cause Dnsmasq to consume memory,\nresulting in a denial of service. (CVE-2017-14495)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. A remote\nattacker could use this issue to cause Dnsmasq to crash, resulting in\na denial of service. (CVE-2017-14496)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 ESM:\n dnsmasq=C2=A02.59-4ubuntu0.4\n dnsmasq-base2.59-4ubuntu0.4\n dnsmasq-utils2.59-4ubuntu0.4\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. 7.3) - ppc64, ppc64le, s390x, x86_64\n\n3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201710-27\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Dnsmasq: Multiple vulnerabilities\n     Date: October 23, 2017\n     Bugs: #632692\n       ID: 201710-27\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Dnsmasq, the worst of which\nmay allow remote attackers to execute arbitrary code. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-dns/dnsmasq               \u003c 2.78                     \u003e= 2.78 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Dnsmasq. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Dnsmasq users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-dns/dnsmasq-2.78\"\n\nReferences\n==========\n\n[ 1 ] CVE-2017-14491\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491\n[ 2 ] CVE-2017-14492\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492\n[ 3 ] CVE-2017-14493\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493\n[ 4 ] CVE-2017-14494\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494\n[ 5 ] CVE-2017-14495\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495\n[ 6 ] CVE-2017-14496\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201710-27\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2017 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-14494"
          },
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008621"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14494"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          }
        ],
        "trust": 3.24
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=42944",
            "trust": 0.1,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14494"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#973527",
            "trust": 3.6
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14494",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "101085",
            "trust": 2.0
          },
          {
            "db": "SECTRACK",
            "id": "1039474",
            "trust": 1.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "42944",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-332-01",
            "trust": 0.9
          },
          {
            "db": "JVN",
            "id": "JVNVU93453933",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008621",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-744",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14494",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144490",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144484",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145652",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144477",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144469",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144706",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14494"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008621"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-744"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14494"
          }
        ]
      },
      "id": "VAR-201710-0450",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.25396827
      },
      "last_update_date": "2025-04-20T21:20:39.871000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "DSA-3989",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3989"
          },
          {
            "title": "Security Bulletin: NVIDIA Tegra Jetson L4T contains multiple vulnerabilities; updates for \u201cBlueBorne\u201d and \u201cDnsmasq\u201d.",
            "trust": 0.8,
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
          },
          {
            "title": "openSUSE-SU-2017:2633",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"
          },
          {
            "title": "RHSA-2017:2836",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/RHSA-2017:2836"
          },
          {
            "title": "RHSA-2017:2837",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/RHSA-2017:2837"
          },
          {
            "title": "CHANGELOG",
            "trust": 0.8,
            "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG"
          },
          {
            "title": "Security fix, CVE-2017-14494, Infoleak handling DHCPv6 forwarded requests.",
            "trust": 0.8,
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=33e3f1029c9ec6c63e430ff51063a6301d4b2262"
          },
          {
            "title": "USN-3430-2",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3430-2/"
          },
          {
            "title": "USN-3430-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3430-1/"
          },
          {
            "title": "dnsmasq: Multiple Critical and Important vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/3199382"
          },
          {
            "title": "Dnsmasq Repair measures for information disclosure vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92840"
          },
          {
            "title": "Red Hat: Critical: dnsmasq security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172837 - Security Advisory"
          },
          {
            "title": "Red Hat: Critical: dnsmasq security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172836 - Security Advisory"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-14494"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-2"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq regression",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-3"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3989-1 dnsmasq -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=5c18698ecfe74c7de381531f8ed44dcf"
          },
          {
            "title": "Amazon Linux 2: ALAS2-2019-1251",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2019-1251"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2017-907",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2017-907"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-1] dnsmasq: multiple issues",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-1"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6283337cd31f81f24d445925f2138c0e"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/lnick2023/nicenice "
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/qazbnm456/awesome-cve-poc "
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/google-warns-of-dos-and-rce-bugs-in-dnsmasq/128238/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008621"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-744"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008621"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14494"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.9,
            "url": "https://www.kb.cert.org/vuls/id/973527"
          },
          {
            "trust": 2.8,
            "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
          },
          {
            "trust": 2.3,
            "url": "http://www.securityfocus.com/bid/101085"
          },
          {
            "trust": 2.2,
            "url": "https://access.redhat.com/errata/rhsa-2017:2837"
          },
          {
            "trust": 2.1,
            "url": "https://access.redhat.com/errata/rhsa-2017:2836"
          },
          {
            "trust": 2.0,
            "url": "http://www.debian.org/security/2017/dsa-3989"
          },
          {
            "trust": 1.7,
            "url": "http://www.thekelleys.org.uk/dnsmasq/doc.html"
          },
          {
            "trust": 1.4,
            "url": "http://www.ubuntu.com/usn/usn-3430-1"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14494"
          },
          {
            "trust": 1.3,
            "url": "https://access.redhat.com/security/vulnerabilities/3199382"
          },
          {
            "trust": 1.2,
            "url": "https://www.exploit-db.com/exploits/42944/"
          },
          {
            "trust": 1.2,
            "url": "http://www.ubuntu.com/usn/usn-3430-2"
          },
          {
            "trust": 1.2,
            "url": "https://security.gentoo.org/glsa/201710-27"
          },
          {
            "trust": 1.1,
            "url": "http://thekelleys.org.uk/dnsmasq/changelog"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1039474"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"
          },
          {
            "trust": 1.1,
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
          },
          {
            "trust": 1.1,
            "url": "https://www.synology.com/support/security/synology_sa_17_59_dnsmasq"
          },
          {
            "trust": 1.1,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-005.txt"
          },
          {
            "trust": 1.1,
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3ba=commit%3bh=33e3f1029c9ec6c63e430ff51063a6301d4b2262"
          },
          {
            "trust": 1.1,
            "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"
          },
          {
            "trust": 1.1,
            "url": "https://access.redhat.com/security/cve/cve-2017-14491"
          },
          {
            "trust": 1.1,
            "url": "https://access.redhat.com/security/cve/cve-2017-14492"
          },
          {
            "trust": 1.1,
            "url": "https://access.redhat.com/security/cve/cve-2017-14493"
          },
          {
            "trust": 1.1,
            "url": "https://access.redhat.com/security/cve/cve-2017-14494"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14495"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14496"
          },
          {
            "trust": 0.9,
            "url": "http://www.thekelleys.org.uk/dnsmasq/changelog"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14491.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14492.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14493.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14494.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14495.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/kubernetes/kubernetes/blob/master/changelog.md"
          },
          {
            "trust": 0.9,
            "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2017\u0026m=slackware-security.601472"
          },
          {
            "trust": 0.9,
            "url": "https://source.android.com/security/bulletin/2017-10-01"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495410"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495411"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495412"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495415"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495416"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495510"
          },
          {
            "trust": 0.9,
            "url": "https://access.redhat.com/security/cve/cve-2017-13704"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14496.py"
          },
          {
            "trust": 0.9,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-332-01"
          },
          {
            "trust": 0.8,
            "url": "https://www.ruckuswireless.com/security"
          },
          {
            "trust": 0.8,
            "url": "https://www.zyxel.com/support/announcement_dnsmasq_vulnerabilities.shtml"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14494"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu93453933/index.html"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14491"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14492"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14493"
          },
          {
            "trust": 0.6,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409bug1495409"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14496"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14495"
          },
          {
            "trust": 0.3,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409 bug 1495409"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.2,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/200.html"
          },
          {
            "trust": 0.1,
            "url": "https://tools.cisco.com/security/center/viewalert.x?alertid=55497"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/3430-2/"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/bugs/1741262"
          },
          {
            "trust": 0.1,
            "url": "https://www.ubuntu.com/usn/usn-3430-3"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.76-5ubuntu0.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.75-1ubuntu0.16.04.3"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.68-1ubuntu0.2"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14495"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14493"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14492"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14491"
          },
          {
            "trust": 0.1,
            "url": "https://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14496"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14494"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14494"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008621"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-744"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14494"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14494"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008621"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-744"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14494"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "date": "2017-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14494"
          },
          {
            "date": "2017-10-02T00:00:00",
            "db": "BID",
            "id": "101085"
          },
          {
            "date": "2017-10-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008621"
          },
          {
            "date": "2017-10-03T20:21:00",
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "date": "2017-10-03T05:19:24",
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "date": "2018-01-04T17:50:40",
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "date": "2017-10-02T11:11:00",
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "date": "2017-10-02T13:13:00",
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "date": "2017-10-23T13:54:05",
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "date": "2017-09-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-744"
          },
          {
            "date": "2017-10-03T01:29:02.107000",
            "db": "NVD",
            "id": "CVE-2017-14494"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-02-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14494"
          },
          {
            "date": "2017-10-02T00:00:00",
            "db": "BID",
            "id": "101085"
          },
          {
            "date": "2017-10-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008621"
          },
          {
            "date": "2019-05-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-744"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-14494"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-744"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Dnsmasq contains multiple vulnerabilities",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-744"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0209

    Vulnerability from variot - Updated: 2025-04-20 20:43

    Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Wi-Fi Protected Access (WPA, more commonly WPA2) handshake traffic can be manipulated to induce nonce and session key reuse, resulting in key reinstallation by a wireless access point (AP) or client. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The PTK-TK encryption key reloading vulnerability exists when the WPA2 wireless network receives and processes the retransmitted fast BSS transition reassociation request. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: wpa_supplicant security update Advisory ID: RHSA-2017:2907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2907 Issue date: 2017-10-17 CVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 =====================================================================

    1. Summary:

    An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64

    1. Description:

    The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1491692 - CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake 1491693 - CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake 1491696 - CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake 1491698 - CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it 1500302 - CVE-2017-13086 wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake 1500303 - CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame 1500304 - CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame

    1. Package List:

    Red Hat Enterprise Linux Client (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    aarch64: wpa_supplicant-2.6-5.el7_4.1.aarch64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm

    ppc64: wpa_supplicant-2.6-5.el7_4.1.ppc64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm

    ppc64le: wpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm

    s390x: wpa_supplicant-2.6-5.el7_4.1.s390x.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2017-13077 https://access.redhat.com/security/cve/CVE-2017-13078 https://access.redhat.com/security/cve/CVE-2017-13080 https://access.redhat.com/security/cve/CVE-2017-13082 https://access.redhat.com/security/cve/CVE-2017-13086 https://access.redhat.com/security/cve/CVE-2017-13087 https://access.redhat.com/security/cve/CVE-2017-13088 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kracks

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).

    An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.

    For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.

    For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.

    For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.

    We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017

    wpa vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 17.04
    • Ubuntu 16.04 LTS
    • Ubuntu 14.04 LTS

    Summary:

    Several security issues were fixed in wpa_supplicant.

    Software Description: - wpa: client support for WPA and WPA2

    Details:

    Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1

    Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2

    Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5

    After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    ============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project

    Topic: WPA2 protocol vulnerability

    Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

    1. Revision history

    v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.

    I.

    hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.

    II. Problem Description

    A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.

    III. Impact

    Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.

    IV. Workaround

    An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"

    and restart networking.

    An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    hostapd_program="/usr/local/sbin/hostapd"

    and restart hostapd.

    V. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    2) To update your vulnerable system via a binary patch:

    Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:

    freebsd-update fetch

    freebsd-update install

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    3) To update your vulnerable system via a source code patch:

    The following patches have been verified to apply to the applicable FreeBSD release branches.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    [FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc

    gpg --verify wpa-11.patch.asc

    [FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc

    gpg --verify wpa-10.patch.asc

    b) Apply the patch. Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    c) Recompile the operating system using buildworld and installworld as described in .

    Restart the applicable daemons, or reboot the system.

    VI. Correction details

    The following list contains the correction revision numbers for each affected branch.

    Branch/path Revision


    stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741


    To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:

    svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

    Or visit the following URL, replacing NNNNNN with the revision number:

    VII. References

    The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE----- .

    Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+

    Where to find the new packages: +-----------------------------+

    Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

    Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

    Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz

    Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz

    Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz

    Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz

    Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz

    MD5 signatures: +-------------+

    Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz

    Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz

    Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz

    Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz

    Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz

    Installation instructions: +------------------------+

    Upgrade the package as root:

    upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz

    +-----+

    Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

    +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0209",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "model": "freebsd",
            "scope": null,
            "trust": 1.4,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "openstack cloud",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "6"
          },
          {
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.7"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "linux enterprise point of sale",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "9front",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "adtran",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aerohive",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "alcatel lucent",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "android open source",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "arch linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aruba",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "barracuda",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "broadcom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cambium",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "centos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cradlepoint",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cypress semiconductor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dell",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "digi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "draytek",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "edimax computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "endian",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "espressif",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "extreme",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "f secure",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fedora",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hostap",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ipfire",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lancom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lede",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lifx",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lenovo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microchip",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mojo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nest",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opnsense",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "omnirom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "open mesh",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "peplink",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "riverbed",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rockwell automation",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "suse linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "samsung mobile",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sonos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sony",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sophos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "synology",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "tp link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "texas instruments",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba commerce",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba electronic devices storage",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba memory",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "turris omnia",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "volumio",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "watchguard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xiaomi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xirrus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zebra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dd wrt",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "eero",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pfsense",
            "version": null
          },
          {
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "model": "linux enterprise desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise point of sale",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise server",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "openstack cloud",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "hostapd",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "wpa supplicant",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "edge gateway",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "model": "sr-m20ac1",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "sr-m20ac2",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "alliance wi-fi protected access 2",
            "scope": null,
            "trust": 0.6,
            "vendor": "wi fi",
            "version": null
          },
          {
            "model": "scalance w-700",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.1"
          },
          {
            "model": "pyxis supplystation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "sinamics smart access module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "v200"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.27.3264"
          },
          {
            "model": "meraki mr34",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ck71a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2.0"
          },
          {
            "model": "macbook air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18500"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.0"
          },
          {
            "model": "meraki mr26",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "28000"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr84",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "510x0"
          },
          {
            "model": "windows server r2 for itanium-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "contact itc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "81130"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.0.0"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr18",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.3"
          },
          {
            "model": "scalance w1750d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "secure ii med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "210x0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "aironet access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "wap371 wireless-ac n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "contact rad-80211-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "contact fl wlan dap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.25"
          },
          {
            "model": "pyxis medstation es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "wireless ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88210"
          },
          {
            "model": "pyxis stockstation system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "macbook",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.2"
          },
          {
            "model": "scalance wlc712",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "contact fl wlan spa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "meraki mr62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic et200 pro im154-6 pn iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "tropos broadband mesh routers and bridges",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "abb",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.2"
          },
          {
            "model": "meraki mr33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "micros handheld terminal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.2"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4.1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.6"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "110x0"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.4"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": "contact fl comserver wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "232/422/4850"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.8"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7."
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1.91.3272"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.9"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "230802-110"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.1"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.5"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18150"
          },
          {
            "model": "wireless client bridge 2.0.0.1-aruba501-b00",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.2"
          },
          {
            "model": "airport express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "clarity engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0"
          },
          {
            "model": "meraki mr30h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "windows server r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "contact bl2 bpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "watch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "4.0"
          },
          {
            "model": "ruggedcom rx1400",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "cn70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "pyxis parx handheld",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.40.100"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1.1"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "windows rt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.1"
          },
          {
            "model": "meraki mr42",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.6"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.3"
          },
          {
            "model": "wap561 wireless-n dual radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.26.3000"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6"
          },
          {
            "model": "tvos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2016"
          },
          {
            "model": "contact rad-whg/wlan-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.3"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.4.0"
          },
          {
            "model": "suremark printer 2nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.0.0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.8"
          },
          {
            "model": "windows server for x64-based systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "pyxis supply roller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.3"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3"
          },
          {
            "model": "telepresence collaboration endpoint",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2.61.3535"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "70xx0"
          },
          {
            "model": "imac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr72",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.25.3001"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2"
          },
          {
            "model": "meraki mr53",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "wap551 wireless-n single radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.0.0"
          },
          {
            "model": "wap121 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.5"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.0.1000"
          },
          {
            "model": "wireless client bridge 1.0.1.3-hp501-b0012",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "i.roc ci70-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.0.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1"
          },
          {
            "model": "cn70e-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.0.0.0"
          },
          {
            "model": "meraki mr24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "suremark printer 1nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "50xx0"
          },
          {
            "model": "meraki mr74",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.15"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.20"
          },
          {
            "model": "anyconnect secure mobility client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.1"
          },
          {
            "model": "systems esp32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "micros handheld terminal 2.03.0.0.021r",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "38000"
          },
          {
            "model": "pyxis parx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dx70",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1.9"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2141"
          },
          {
            "model": "pyxis anesthesia es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "aironet series officeextend access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18100"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.55.3000"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "model": "meraki mr66",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2131"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18300"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.0.50.1004"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.1.0"
          },
          {
            "model": "wap321 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic iwlan-pb/link",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "aironet 1810w series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "meraki mr52",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airmesh msr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.20"
          },
          {
            "model": "watchos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "model": "contact fl wlan ec",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.8"
          },
          {
            "model": "systems esp8266",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "pad-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.0.1205"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88610"
          },
          {
            "model": "clarity engine",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0.0.1"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15600"
          },
          {
            "model": "windows for 32-bit systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.5"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.8"
          },
          {
            "model": "windows for x64-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "meraki mr58",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.2"
          },
          {
            "model": "pyxis parassist system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "windows server for 32-bit systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "model": "simatic mobile panel 277 iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "pyxis medstation t2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.0.0"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "30xx0"
          },
          {
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.6"
          },
          {
            "model": "wireless client bridge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "5010"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.5"
          },
          {
            "model": "meraki mr11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.3"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.2"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "35000"
          },
          {
            "model": "automation stratix 15.3 jc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rockwell",
            "version": "5100"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "pyxis ciisafe workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "??0"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.0.0"
          },
          {
            "model": "ipad air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1.71.3608"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.41.3024"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "model": "dx80",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.0"
          },
          {
            "model": "contact bl2 ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "contact tpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "60130"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1"
          },
          {
            "model": "ck70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.20"
          },
          {
            "model": "macbook pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.8"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.5"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.4"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.3"
          },
          {
            "model": "tab-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "macmini",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.16"
          },
          {
            "model": "contact fl wlan epa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "airport time capsule",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "alliance wpa2 (wi-fi protected access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wi fi",
            "version": "2)0"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.9"
          },
          {
            "model": "scalance wlc711",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "ruggedcom rs9xxw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.15"
          },
          {
            "model": "networks unifi access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubiquiti",
            "version": "0"
          },
          {
            "model": "suremark printer 2cr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88650"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "asa 5506w-x w/ firepower services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.9"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3005"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.0.0.0"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2010"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": "alliance",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wi fi",
            "version": "*"
          },
          {
            "model": "protected access 2",
            "scope": null,
            "trust": 0.2,
            "vendor": "wi fi",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30401"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009175"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-385"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13082"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:canonical:ubuntu",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:debian:debian_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:freebsd:freebsd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:opensuse_project:leap",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:suse_linux_enterprise_point_of_sale",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:suse:openstack_cloud",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:hostapd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:wpa_supplicant",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:nec:nec_edge_gateway",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009175"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
        "sources": [
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-385"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2017-13082",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2017-13082",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.4,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2017-13082",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CNVD-2017-30401",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-13082",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-13082",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-13082",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-13082",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-30401",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201710-385",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-13082",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30401"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13082"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009175"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-385"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13082"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Wi-Fi Protected Access (WPA, more commonly WPA2) handshake traffic can be manipulated to induce nonce and session key reuse, resulting in key reinstallation by a wireless access point (AP) or client. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The PTK-TK encryption key reloading vulnerability exists when the WPA2 wireless network receives and processes the retransmitted fast BSS transition reassociation request. WPA2  is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: wpa_supplicant security update\nAdvisory ID:       RHSA-2017:2907-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:2907\nIssue date:        2017-10-17\nCVE Names:         CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 \n                   CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 \n                   CVE-2017-13088 \n=====================================================================\n\n1. Summary:\n\nAn update for wpa_supplicant is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe wpa_supplicant packages contain an 802.1X Supplicant with support for\nWEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication\nmethods. They implement key negotiation with a WPA Authenticator for client\nstations and controls the roaming and IEEE 802.11 authentication and\nassociation of the WLAN driver. A remote attacker within Wi-Fi range\ncould exploit these attacks to decrypt Wi-Fi traffic or possibly inject\nforged Wi-Fi packets by manipulating cryptographic handshakes used by the\nWPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream\nacknowledges Mathy Vanhoef (University of Leuven) as the original reporter\nof these issues. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1491692 - CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake\n1491693 - CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake\n1491696 - CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake\n1491698 - CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it\n1500302 - CVE-2017-13086 wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake\n1500303 - CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame\n1500304 - CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\naarch64:\nwpa_supplicant-2.6-5.el7_4.1.aarch64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm\n\nppc64:\nwpa_supplicant-2.6-5.el7_4.1.ppc64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm\n\nppc64le:\nwpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm\n\ns390x:\nwpa_supplicant-2.6-5.el7_4.1.s390x.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-13077\nhttps://access.redhat.com/security/cve/CVE-2017-13078\nhttps://access.redhat.com/security/cve/CVE-2017-13080\nhttps://access.redhat.com/security/cve/CVE-2017-13082\nhttps://access.redhat.com/security/cve/CVE-2017-13086\nhttps://access.redhat.com/security/cve/CVE-2017-13087\nhttps://access.redhat.com/security/cve/CVE-2017-13088\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kracks\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n  hostapd                         2.4-0ubuntu9.1\n  wpasupplicant                   2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n  hostapd                         2.4-0ubuntu6.2\n  wpasupplicant                   2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n  hostapd                         2.1-0ubuntu1.5\n  wpasupplicant                   2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa                                        Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          WPA2 protocol vulnerability\n\nCategory:       contrib\nModule:         wpa\nAnnounced:      2017-10-16\nCredits:        Mathy Vanhoef\nAffects:        All supported versions of FreeBSD. \nCorrected:      2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n                2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n                2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n                2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n                2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n                2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name:       CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n                CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n                CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0.   Revision history\n\nv1.0  2017-10-17 Initial release. \nv1.1  2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII.  Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV.  Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch.  Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI.  Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path                                                      Revision\n- -------------------------------------------------------------------------\nstable/11/                                                        r324697\nreleng/11.0/                                                      r324698\nreleng/11.1/                                                      r324699\nstable/10/                                                        r324739\nreleng/10.3/                                                      r324740\nreleng/10.4/                                                      r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz:  Upgraded. \n  This update includes patches to mitigate the WPA2 protocol issues known\n  as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n  hijack TCP connections, and to forge and inject packets. \n  For more information, see:\n    https://www.krackattacks.com/\n    https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019  wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825  wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0  wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352  wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185  wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4  wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe  n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160  n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13082"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009175"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30401"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "IVD",
            "id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13082"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          }
        ],
        "trust": 3.87
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "trust": 4.2
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13082",
            "trust": 4.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-299-02",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "101274",
            "trust": 2.6
          },
          {
            "db": "LENOVO",
            "id": "LEN-17420",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1039571",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039581",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039570",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039573",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-901333",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-005",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-18-114-01",
            "trust": 1.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-19-029-01",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-353-02",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-01",
            "trust": 1.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30401",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-385",
            "trust": 0.8
          },
          {
            "db": "JUNIPER",
            "id": "JSA10827",
            "trust": 0.8
          },
          {
            "db": "DLINK",
            "id": "SAP10075",
            "trust": 0.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02A",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU90609033",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009175",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.4125",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-325-01",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "AA65FB94-7CE8-4CAB-AA5A-818DDC180C3C",
            "trust": 0.2
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13082",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144652",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144630",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144632",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144669",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144663",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30401"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13082"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009175"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-385"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13082"
          }
        ]
      },
      "id": "VAR-201710-0209",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30401"
          }
        ],
        "trust": 1.4003193450000002
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30401"
          }
        ]
      },
      "last_update_date": "2025-04-20T20:43:45.693000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "ARUBA-PSA-2017-007",
            "trust": 0.8,
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "title": "DSA-3999",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3999"
          },
          {
            "title": "FreeBSD-SA-17:07.wpa",
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "title": "LEN-17420",
            "trust": 0.8,
            "url": "https://support.lenovo.com/jp/en/product_security/len-17420"
          },
          {
            "title": "NV17-024",
            "trust": 0.8,
            "url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
          },
          {
            "title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "title": "RHSA-2017:2907",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/RHSA-2017:2907"
          },
          {
            "title": "USN-3455-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3455-1/"
          },
          {
            "title": "WPA packet number reuse with replayed messages and key reinstallation",
            "trust": 0.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066 ",
            "trust": 0.8,
            "url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
          },
          {
            "title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.iodata.jp/support/information/2017/wpa2/"
          },
          {
            "title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/info/20171110/"
          },
          {
            "title": "Patch for WPA2 Wireless Network PTK-TK Encryption Key Reload Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/103823"
          },
          {
            "title": "Multiple WiFi product WPA2 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75499"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172907 - Security Advisory"
          },
          {
            "title": "Red Hat: CVE-2017-13082",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2017-13082"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-13082"
          },
          {
            "title": "Ubuntu Security Notice: wpa vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3455-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-23"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-22"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
          },
          {
            "title": "KRACK",
            "trust": 0.1,
            "url": "https://github.com/chinatso/KRACK "
          },
          {
            "title": "krackinfo",
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo "
          },
          {
            "title": "nixos-issue-db-example",
            "trust": 0.1,
            "url": "https://github.com/andir/nixos-issue-db-example "
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/cisco-warns-69-products-impacted-by-krack/128546/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
          },
          {
            "title": "BleepingComputer",
            "trust": 0.1,
            "url": "https://www.bleepingcomputer.com/news/security/list-of-firmware-and-driver-updates-for-krack-wpa2-vulnerability/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-30401"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13082"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009175"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-385"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-323",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-330",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-254",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009175"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13082"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.7,
            "url": "https://www.krackattacks.com/"
          },
          {
            "trust": 3.3,
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "trust": 2.9,
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "trust": 2.8,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "trust": 2.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
          },
          {
            "trust": 2.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
          },
          {
            "trust": 2.6,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "trust": 2.5,
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "trust": 2.2,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "trust": 2.0,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "trust": 1.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-3455-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039571"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039570"
          },
          {
            "trust": 1.7,
            "url": "https://support.lenovo.com/us/en/product_security/len-17420"
          },
          {
            "trust": 1.7,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 1.7,
            "url": "https://github.com/vanhoefm/krackattacks-test-ap-ft"
          },
          {
            "trust": 1.7,
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "trust": 1.7,
            "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697"
          },
          {
            "trust": 1.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
          },
          {
            "trust": 1.2,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
          },
          {
            "trust": 1.1,
            "url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
          },
          {
            "trust": 1.1,
            "url": "https://w1.fi/security/2017-1/"
          },
          {
            "trust": 1.1,
            "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
          },
          {
            "trust": 1.1,
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
          },
          {
            "trust": 0.8,
            "url": "https://cwe.mitre.org/data/definitions/323.html"
          },
          {
            "trust": 0.8,
            "url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
          },
          {
            "trust": 0.8,
            "url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.al-enterprise.com/en/support/security-alert-krack"
          },
          {
            "trust": 0.8,
            "url": "https://support.apple.com/en-gb/ht208222"
          },
          {
            "trust": 0.8,
            "url": "https://security.archlinux.org/avg-447"
          },
          {
            "trust": 0.8,
            "url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
          },
          {
            "trust": 0.8,
            "url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
          },
          {
            "trust": 0.8,
            "url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
          },
          {
            "trust": 0.8,
            "url": "https://community.cypress.com/docs/doc-13871"
          },
          {
            "trust": 0.8,
            "url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
          },
          {
            "trust": 0.8,
            "url": "http://www.dell.com/support/article/sln307822"
          },
          {
            "trust": 0.8,
            "url": "https://github.com/espressif/esp8266_nonos_sdk"
          },
          {
            "trust": 0.8,
            "url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
          },
          {
            "trust": 0.8,
            "url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
          },
          {
            "trust": 0.8,
            "url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
          },
          {
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 0.8,
            "url": "https://bugs.gentoo.org/634440"
          },
          {
            "trust": 0.8,
            "url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
          },
          {
            "trust": 0.8,
            "url": "https://kb.juniper.net/jsa10827"
          },
          {
            "trust": 0.8,
            "url": "https://support.lenovo.com/ca/en/product_security/len-17420"
          },
          {
            "trust": 0.8,
            "url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
          },
          {
            "trust": 0.8,
            "url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
          },
          {
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
          },
          {
            "trust": 0.8,
            "url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
          },
          {
            "trust": 0.8,
            "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
          },
          {
            "trust": 0.8,
            "url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
          },
          {
            "trust": 0.8,
            "url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
          },
          {
            "trust": 0.8,
            "url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
          },
          {
            "trust": 0.8,
            "url": "https://community.sophos.com/kb/en-us/127658"
          },
          {
            "trust": 0.8,
            "url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
          },
          {
            "trust": 0.8,
            "url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
          },
          {
            "trust": 0.8,
            "url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
          },
          {
            "trust": 0.8,
            "url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
          },
          {
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "trust": 0.8,
            "url": "http://en.miui.com/thread-954223-1-1.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
          },
          {
            "trust": 0.8,
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
          },
          {
            "trust": 0.8,
            "url": "https://community.rsa.com/docs/doc-84103"
          },
          {
            "trust": 0.8,
            "url": "https://support.f5.com/csp/article/k23642330"
          },
          {
            "trust": 0.8,
            "url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
          },
          {
            "trust": 0.8,
            "url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
          },
          {
            "trust": 0.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
          },
          {
            "trust": 0.8,
            "url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu90609033/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
          },
          {
            "trust": 0.6,
            "url": "https://www.kb.cert.org/vuls/id/228519/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13077"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13078"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13080"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13082"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13086"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13087"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13088"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
          },
          {
            "trust": 0.3,
            "url": "http://www.wi-fi.org/index.php"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-ie/ht208847"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208334"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208327"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208325"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13081"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13084"
          },
          {
            "trust": 0.3,
            "url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/330.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://threatpost.com/cisco-warns-69-products-impacted-by-krack/128546/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://www.krackattacks.com/\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
          },
          {
            "trust": 0.1,
            "url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/gpg-key"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://osuosl.org)"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30401"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13082"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009175"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-385"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13082"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30401"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13082"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009175"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-385"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13082"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-17T00:00:00",
            "db": "IVD",
            "id": "aa65fb94-7ce8-4cab-aa5a-818ddc180c3c"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30401"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13082"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2017-11-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009175"
          },
          {
            "date": "2017-10-17T16:52:00",
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "date": "2017-10-16T13:49:34",
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "date": "2017-10-16T23:23:00",
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "date": "2017-10-19T14:28:55",
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "date": "2017-10-18T20:44:00",
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-385"
          },
          {
            "date": "2017-10-17T13:29:00.473000",
            "db": "NVD",
            "id": "CVE-2017-13082"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30401"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13082"
          },
          {
            "date": "2019-02-21T09:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2019-02-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009175"
          },
          {
            "date": "2020-11-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-385"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-13082"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-385"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-385"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0213

    Vulnerability from variot - Updated: 2025-04-20 20:33

    Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a group key reload vulnerability in the PeerKey handshake. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    [slackware-security] wpa_supplicant (SSA:2017-291-02)

    New wpa_supplicant packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

    Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. This is the list of vulnerabilities that are addressed here: CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+

    Where to find the new packages: +-----------------------------+

    Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

    Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

    Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz

    Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz

    Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz

    Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz

    Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz

    MD5 signatures: +-------------+

    Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz

    Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz

    Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz

    Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz

    Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz

    Installation instructions: +------------------------+

    Upgrade the package as root:

    upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz

    +-----+

    Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

    +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE-----

    iEYEARECAAYFAlnnrOgACgkQakRjwEAQIjPgvQCfRcXlhuFjrDNPbEUeZrYLxnkW b+4An0l5cZOdtohI7Fq0NbryWajCOnM2 =5HQM -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0213",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "openstack cloud",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "6"
          },
          {
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.7"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "linux enterprise point of sale",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "9front",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "adtran",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aerohive",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "alcatel lucent",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "android open source",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "arch linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aruba",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "barracuda",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "broadcom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cambium",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "centos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cradlepoint",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cypress semiconductor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dell",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "digi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "draytek",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "edimax computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "endian",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "espressif",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "extreme",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "f secure",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fedora",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hostap",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ipfire",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lancom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lede",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lifx",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lenovo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microchip",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mojo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nest",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opnsense",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "omnirom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "open mesh",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "peplink",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "riverbed",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rockwell automation",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "suse linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "samsung mobile",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sonos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sony",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sophos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "synology",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "tp link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "texas instruments",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba commerce",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba electronic devices storage",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba memory",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "turris omnia",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "volumio",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "watchguard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xiaomi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xirrus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zebra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dd wrt",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "eero",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pfsense",
            "version": null
          },
          {
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "model": "freebsd",
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "model": "linux enterprise desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise point of sale",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise server",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "openstack cloud",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "hostapd",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "wpa supplicant",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "edge gateway",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "model": "sr-m20ac1",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "sr-m20ac2",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "alliance wi-fi protected access 2",
            "scope": null,
            "trust": 0.6,
            "vendor": "wi fi",
            "version": null
          },
          {
            "model": "scalance w-700",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.1"
          },
          {
            "model": "pyxis supplystation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "sinamics smart access module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "v200"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.27.3264"
          },
          {
            "model": "meraki mr34",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ck71a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2.0"
          },
          {
            "model": "macbook air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18500"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.0"
          },
          {
            "model": "meraki mr26",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "28000"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr84",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "510x0"
          },
          {
            "model": "windows server r2 for itanium-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "contact itc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "81130"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.0.0"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr18",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.3"
          },
          {
            "model": "scalance w1750d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "secure ii med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "210x0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "aironet access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "wap371 wireless-ac n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "contact rad-80211-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "contact fl wlan dap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.25"
          },
          {
            "model": "pyxis medstation es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "wireless ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88210"
          },
          {
            "model": "pyxis stockstation system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "macbook",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.2"
          },
          {
            "model": "scalance wlc712",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "contact fl wlan spa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "meraki mr62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic et200 pro im154-6 pn iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "tropos broadband mesh routers and bridges",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "abb",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.2"
          },
          {
            "model": "meraki mr33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "micros handheld terminal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.2"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4.1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.6"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "110x0"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.4"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": "contact fl comserver wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "232/422/4850"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.8"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7."
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1.91.3272"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.9"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "230802-110"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.1"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.5"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18150"
          },
          {
            "model": "wireless client bridge 2.0.0.1-aruba501-b00",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.2"
          },
          {
            "model": "airport express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "clarity engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0"
          },
          {
            "model": "meraki mr30h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "windows server r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "contact bl2 bpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "watch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "4.0"
          },
          {
            "model": "ruggedcom rx1400",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "cn70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "pyxis parx handheld",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.40.100"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1.1"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "windows rt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.1"
          },
          {
            "model": "meraki mr42",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.6"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.3"
          },
          {
            "model": "wap561 wireless-n dual radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.26.3000"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6"
          },
          {
            "model": "tvos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2016"
          },
          {
            "model": "contact rad-whg/wlan-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.3"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.4.0"
          },
          {
            "model": "suremark printer 2nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.0.0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.8"
          },
          {
            "model": "windows server for x64-based systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "pyxis supply roller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.3"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3"
          },
          {
            "model": "telepresence collaboration endpoint",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2.61.3535"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "70xx0"
          },
          {
            "model": "imac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr72",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.25.3001"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2"
          },
          {
            "model": "meraki mr53",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "wap551 wireless-n single radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.0.0"
          },
          {
            "model": "wap121 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.5"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.0.1000"
          },
          {
            "model": "wireless client bridge 1.0.1.3-hp501-b0012",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "i.roc ci70-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.0.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1"
          },
          {
            "model": "cn70e-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.0.0.0"
          },
          {
            "model": "meraki mr24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "suremark printer 1nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "50xx0"
          },
          {
            "model": "meraki mr74",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.15"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.20"
          },
          {
            "model": "anyconnect secure mobility client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.1"
          },
          {
            "model": "systems esp32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "micros handheld terminal 2.03.0.0.021r",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "38000"
          },
          {
            "model": "pyxis parx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dx70",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1.9"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2141"
          },
          {
            "model": "pyxis anesthesia es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "aironet series officeextend access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18100"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.55.3000"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "model": "meraki mr66",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2131"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18300"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.0.50.1004"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.1.0"
          },
          {
            "model": "wap321 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic iwlan-pb/link",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "aironet 1810w series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "meraki mr52",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airmesh msr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.20"
          },
          {
            "model": "watchos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "model": "contact fl wlan ec",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.8"
          },
          {
            "model": "systems esp8266",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "pad-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.0.1205"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88610"
          },
          {
            "model": "clarity engine",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0.0.1"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15600"
          },
          {
            "model": "windows for 32-bit systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.5"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.8"
          },
          {
            "model": "windows for x64-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "meraki mr58",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.2"
          },
          {
            "model": "pyxis parassist system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "windows server for 32-bit systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "model": "simatic mobile panel 277 iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "pyxis medstation t2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.0.0"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "30xx0"
          },
          {
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.6"
          },
          {
            "model": "wireless client bridge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "5010"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.5"
          },
          {
            "model": "meraki mr11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.3"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.2"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "35000"
          },
          {
            "model": "automation stratix 15.3 jc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rockwell",
            "version": "5100"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "pyxis ciisafe workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "??0"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.0.0"
          },
          {
            "model": "ipad air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1.71.3608"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.41.3024"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "model": "dx80",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.0"
          },
          {
            "model": "contact bl2 ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "contact tpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "60130"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1"
          },
          {
            "model": "ck70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.20"
          },
          {
            "model": "macbook pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.8"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.5"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.4"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.3"
          },
          {
            "model": "tab-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "macmini",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.16"
          },
          {
            "model": "contact fl wlan epa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "airport time capsule",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "alliance wpa2 (wi-fi protected access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wi fi",
            "version": "2)0"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.9"
          },
          {
            "model": "scalance wlc711",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "ruggedcom rs9xxw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.15"
          },
          {
            "model": "networks unifi access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubiquiti",
            "version": "0"
          },
          {
            "model": "suremark printer 2cr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88650"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "asa 5506w-x w/ firepower services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.9"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3005"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.0.0.0"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2010"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": "alliance",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wi fi",
            "version": "*"
          },
          {
            "model": "protected access 2",
            "scope": null,
            "trust": 0.2,
            "vendor": "wi fi",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "37a5aa3e-4512-466b-9bc5-af5013c143e3"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30400"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009176"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-386"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13084"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:canonical:ubuntu",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:debian:debian_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:freebsd:freebsd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:opensuse_project:leap",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:suse_linux_enterprise_point_of_sale",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:suse:openstack_cloud",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:hostapd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:wpa_supplicant",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:nec:nec_edge_gateway",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009176"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
        "sources": [
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-386"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2017-13084",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CVE-2017-13084",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CNVD-2017-30400",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "37a5aa3e-4512-466b-9bc5-af5013c143e3",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.6,
                "id": "CVE-2017-13084",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-13084",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-13084",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-30400",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201710-386",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "37a5aa3e-4512-466b-9bc5-af5013c143e3",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-13084",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "37a5aa3e-4512-466b-9bc5-af5013c143e3"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30400"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13084"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009176"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-386"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13084"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a group key reload vulnerability in the PeerKey handshake. WPA2  is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n[slackware-security]  wpa_supplicant (SSA:2017-291-02)\n\nNew wpa_supplicant packages are available for Slackware 14.0, 14.1, 14.2,\nand -current to fix security issues. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz:  Upgraded. \n  This update includes patches to mitigate the WPA2 protocol issues known\n  as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n  hijack TCP connections, and to forge and inject packets. This is the\n  list of vulnerabilities that are addressed here:\n  CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the\n    4-way handshake. \n  CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n    Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n    while processing it. \n  CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. \n  CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)\n    PeerKey (TPK) key in the TDLS handshake. \n  For more information, see:\n    https://www.krackattacks.com/\n    https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019  wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825  wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0  wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352  wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185  wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4  wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe  n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160  n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address.      |\n+------------------------------------------------------------------------+\n-----BEGIN PGP SIGNATURE-----\n\niEYEARECAAYFAlnnrOgACgkQakRjwEAQIjPgvQCfRcXlhuFjrDNPbEUeZrYLxnkW\nb+4An0l5cZOdtohI7Fq0NbryWajCOnM2\n=5HQM\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13084"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009176"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30400"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "IVD",
            "id": "37a5aa3e-4512-466b-9bc5-af5013c143e3"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13084"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          }
        ],
        "trust": 3.51
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "trust": 4.2
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13084",
            "trust": 3.7
          },
          {
            "db": "BID",
            "id": "101274",
            "trust": 2.6
          },
          {
            "db": "LENOVO",
            "id": "LEN-17420",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1039581",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039576",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039577",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-901333",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-01",
            "trust": 1.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30400",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-386",
            "trust": 0.8
          },
          {
            "db": "JUNIPER",
            "id": "JSA10827",
            "trust": 0.8
          },
          {
            "db": "DLINK",
            "id": "SAP10075",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU90609033",
            "trust": 0.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009176",
            "trust": 0.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-299-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-19-029-01",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-353-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-18-114-01",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-325-01",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "37A5AA3E-4512-466B-9BC5-AF5013C143E3",
            "trust": 0.2
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13084",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144663",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "37a5aa3e-4512-466b-9bc5-af5013c143e3"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30400"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13084"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009176"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-386"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13084"
          }
        ]
      },
      "id": "VAR-201710-0213",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "37a5aa3e-4512-466b-9bc5-af5013c143e3"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30400"
          }
        ],
        "trust": 1.400319345
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "37a5aa3e-4512-466b-9bc5-af5013c143e3"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30400"
          }
        ]
      },
      "last_update_date": "2025-04-20T20:33:43.247000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "ARUBA-PSA-2017-007",
            "trust": 0.8,
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "title": "LEN-17420",
            "trust": 0.8,
            "url": "https://support.lenovo.com/jp/en/product_security/len-17420"
          },
          {
            "title": "NV17-024",
            "trust": 0.8,
            "url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
          },
          {
            "title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "title": "WPA packet number reuse with replayed messages and key reinstallation",
            "trust": 0.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
          },
          {
            "title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.iodata.jp/support/information/2017/wpa2/"
          },
          {
            "title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/info/20171110/"
          },
          {
            "title": "Patch for WPA2 Wireless Network STK Key Reload Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/103824"
          },
          {
            "title": "Multiple WiFi product WPA2 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75500"
          },
          {
            "title": "The Register",
            "trust": 0.2,
            "url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
          },
          {
            "title": "Red Hat: CVE-2017-13084",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2017-13084"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-13084"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
          },
          {
            "title": "KRACK",
            "trust": 0.1,
            "url": "https://github.com/chinatso/KRACK "
          },
          {
            "title": "krackinfo",
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/merlinepedra/KRACK "
          },
          {
            "title": "nixos-issue-db-example",
            "trust": 0.1,
            "url": "https://github.com/andir/nixos-issue-db-example "
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-30400"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13084"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009176"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-386"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-323",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-330",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-254",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009176"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13084"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.7,
            "url": "https://www.krackattacks.com/"
          },
          {
            "trust": 2.9,
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "trust": 2.8,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "trust": 2.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
          },
          {
            "trust": 2.5,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "trust": 1.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "trust": 1.7,
            "url": "https://support.lenovo.com/us/en/product_security/len-17420"
          },
          {
            "trust": 1.7,
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "trust": 1.6,
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "trust": 1.1,
            "url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
          },
          {
            "trust": 1.1,
            "url": "https://w1.fi/security/2017-1/"
          },
          {
            "trust": 1.1,
            "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
          },
          {
            "trust": 1.1,
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
          },
          {
            "trust": 0.9,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
          },
          {
            "trust": 0.8,
            "url": "https://cwe.mitre.org/data/definitions/323.html"
          },
          {
            "trust": 0.8,
            "url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
          },
          {
            "trust": 0.8,
            "url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.al-enterprise.com/en/support/security-alert-krack"
          },
          {
            "trust": 0.8,
            "url": "https://support.apple.com/en-gb/ht208222"
          },
          {
            "trust": 0.8,
            "url": "https://security.archlinux.org/avg-447"
          },
          {
            "trust": 0.8,
            "url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
          },
          {
            "trust": 0.8,
            "url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
          },
          {
            "trust": 0.8,
            "url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
          },
          {
            "trust": 0.8,
            "url": "https://community.cypress.com/docs/doc-13871"
          },
          {
            "trust": 0.8,
            "url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
          },
          {
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3999"
          },
          {
            "trust": 0.8,
            "url": "http://www.dell.com/support/article/sln307822"
          },
          {
            "trust": 0.8,
            "url": "https://github.com/espressif/esp8266_nonos_sdk"
          },
          {
            "trust": 0.8,
            "url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
          },
          {
            "trust": 0.8,
            "url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
          },
          {
            "trust": 0.8,
            "url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
          },
          {
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 0.8,
            "url": "https://bugs.gentoo.org/634440"
          },
          {
            "trust": 0.8,
            "url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
          },
          {
            "trust": 0.8,
            "url": "https://kb.juniper.net/jsa10827"
          },
          {
            "trust": 0.8,
            "url": "https://support.lenovo.com/ca/en/product_security/len-17420"
          },
          {
            "trust": 0.8,
            "url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
          },
          {
            "trust": 0.8,
            "url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
          },
          {
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
          },
          {
            "trust": 0.8,
            "url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
          },
          {
            "trust": 0.8,
            "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
          },
          {
            "trust": 0.8,
            "url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
          },
          {
            "trust": 0.8,
            "url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
          },
          {
            "trust": 0.8,
            "url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
          },
          {
            "trust": 0.8,
            "url": "https://community.sophos.com/kb/en-us/127658"
          },
          {
            "trust": 0.8,
            "url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
          },
          {
            "trust": 0.8,
            "url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
          },
          {
            "trust": 0.8,
            "url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
          },
          {
            "trust": 0.8,
            "url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
          },
          {
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "trust": 0.8,
            "url": "http://en.miui.com/thread-954223-1-1.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
          },
          {
            "trust": 0.8,
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
          },
          {
            "trust": 0.8,
            "url": "https://community.rsa.com/docs/doc-84103"
          },
          {
            "trust": 0.8,
            "url": "https://support.f5.com/csp/article/k23642330"
          },
          {
            "trust": 0.8,
            "url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
          },
          {
            "trust": 0.8,
            "url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
          },
          {
            "trust": 0.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
          },
          {
            "trust": 0.8,
            "url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu90609033/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
          },
          {
            "trust": 0.6,
            "url": "https://www.kb.cert.org/vuls/id/228519/"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13084"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
          },
          {
            "trust": 0.3,
            "url": "http://www.wi-fi.org/index.php"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-ie/ht208847"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208334"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208327"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208325"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13077"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13078"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13080"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13081"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13082"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13086"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13087"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13088"
          },
          {
            "trust": 0.3,
            "url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/330.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/gpg-key"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
          },
          {
            "trust": 0.1,
            "url": "http://osuosl.org)"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30400"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13084"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009176"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-386"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13084"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "37a5aa3e-4512-466b-9bc5-af5013c143e3"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30400"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13084"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009176"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-386"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13084"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-17T00:00:00",
            "db": "IVD",
            "id": "37a5aa3e-4512-466b-9bc5-af5013c143e3"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30400"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13084"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2017-11-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009176"
          },
          {
            "date": "2017-10-18T20:44:00",
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-386"
          },
          {
            "date": "2017-10-17T13:29:00.520000",
            "db": "NVD",
            "id": "CVE-2017-13084"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30400"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13084"
          },
          {
            "date": "2019-02-21T09:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2018-02-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009176"
          },
          {
            "date": "2019-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-386"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-13084"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-386"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-386"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0449

    Vulnerability from variot - Updated: 2025-04-20 20:13

    Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: dnsmasq security update Advisory ID: RHSA-2017:2836-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2836 Issue date: 2017-10-02 CVE Names: CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 =====================================================================

    1. Summary:

    An update for dnsmasq is now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

    1. Description:

    The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.

    Security Fix(es):

    • A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. (CVE-2017-14491)

    • A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement (RA) handling code. This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless. (CVE-2017-14492)

    • A stack buffer overflow was found in dnsmasq in the DHCPv6 code. (CVE-2017-14493)

    • An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local network could send crafted DHCPv6 packets to dnsmasq causing it to forward the contents of process memory, potentially leaking sensitive data. (CVE-2017-14494)

    • A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory allocations which would never be freed, leading to unbounded memory consumption and eventually a crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. (CVE-2017-14495)

    • An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. (CVE-2017-14496)

    Red Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. Serna (Google Security Team), Gabriel Campana (Google Security Team), Kevin Hamacher (Google Security Team), and Ron Bowes (Google Security Team) for reporting these issues.

    1. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies 1495410 - CVE-2017-14492 dnsmasq: heap overflow in the IPv6 router advertisement code 1495411 - CVE-2017-14493 dnsmasq: stack buffer overflow in the DHCPv6 code 1495412 - CVE-2017-14494 dnsmasq: information leak in the DHCPv6 relay code 1495415 - CVE-2017-14495 dnsmasq: memory exhaustion vulnerability in the EDNS0 code 1495416 - CVE-2017-14496 dnsmasq: integer underflow leading to buffer over-read in the EDNS0 code

    1. Package List:

    Red Hat Enterprise Linux Client (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Client Optional (v. 7):

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode Optional (v. 7):

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    aarch64: dnsmasq-2.76-2.el7_4.2.aarch64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm

    ppc64: dnsmasq-2.76-2.el7_4.2.ppc64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm

    ppc64le: dnsmasq-2.76-2.el7_4.2.ppc64le.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm

    s390x: dnsmasq-2.76-2.el7_4.2.s390x.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Server Optional (v. 7):

    aarch64: dnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm dnsmasq-utils-2.76-2.el7_4.2.aarch64.rpm

    ppc64: dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm dnsmasq-utils-2.76-2.el7_4.2.ppc64.rpm

    ppc64le: dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm dnsmasq-utils-2.76-2.el7_4.2.ppc64le.rpm

    s390x: dnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm dnsmasq-utils-2.76-2.el7_4.2.s390x.rpm

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Workstation Optional (v. 7):

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2017-14491 https://access.redhat.com/security/cve/CVE-2017-14492 https://access.redhat.com/security/cve/CVE-2017-14493 https://access.redhat.com/security/cve/CVE-2017-14494 https://access.redhat.com/security/cve/CVE-2017-14495 https://access.redhat.com/security/cve/CVE-2017-14496 https://access.redhat.com/security/updates/classification/#critical https://access.redhat.com/security/vulnerabilities/3199382

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iD8DBQFZ0opYXlSAg2UNWIIRAr0dAJ9rIL1FgNTJUf2I9jjKFFlfkCd/kwCfV+bX SfoCV7+qG2nwqlHKLZOlhIU= =iWfU -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . =========================================================================== Ubuntu Security Notice USN-3430-3 January 04, 2018

    dnsmasq regression

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 12.04 ESM

    Summary:

    USN-3430-2 introduced regression in Dnsmasq.

    Software Description: - dnsmasq: Small caching DNS proxy and DHCP/TFTP server

    Details:

    USN-3430-2 fixed several vulnerabilities. The update introduced a new regression that breaks DNS resolution. This update addresses the problem.

    We apologize for the inconvenience.

    Original advisory details:

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14491)

    Felix Wilhelm, Fermin J. (CVE-2017-14492)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 requests. (CVE-2017-14493)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14495)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14496)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 12.04 ESM: dnsmasq=C2=A02.59-4ubuntu0.4 dnsmasq-base2.59-4ubuntu0.4 dnsmasq-utils2.59-4ubuntu0.4

    After a standard system update you need to reboot your computer to make all the necessary changes. 7.3) - ppc64, ppc64le, s390x, x86_64


    1. Gentoo Linux Security Advisory GLSA 201710-27

                                           https://security.gentoo.org/
    

    Severity: Normal Title: Dnsmasq: Multiple vulnerabilities Date: October 23, 2017 Bugs: #632692 ID: 201710-27


    Synopsis

    Multiple vulnerabilities have been found in Dnsmasq, the worst of which may allow remote attackers to execute arbitrary code.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-dns/dnsmasq < 2.78 >= 2.78

    Description

    Multiple vulnerabilities have been discovered in Dnsmasq.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Dnsmasq users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.78"

    References

    [ 1 ] CVE-2017-14491 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491 [ 2 ] CVE-2017-14492 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492 [ 3 ] CVE-2017-14493 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493 [ 4 ] CVE-2017-14494 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494 [ 5 ] CVE-2017-14495 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495 [ 6 ] CVE-2017-14496 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    https://security.gentoo.org/glsa/201710-27

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0449",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "7.0"
          },
          {
            "model": "dnsmasq",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "thekelleys",
            "version": "2.77"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "7.1"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "thekelleys",
            "version": "2.77"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dnsmasq",
            "version": null
          },
          {
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "model": "dnsmasq",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "thekelleys",
            "version": "2.78"
          },
          {
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux workstation",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server year extended update support",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "redhat",
            "version": "-47.4"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "17.04"
          },
          {
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "16.04"
          },
          {
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "14.04"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.2.2"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.75"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.72"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.71"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.70"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.7"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.65"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.64"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.63"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.62"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.61"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.60"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.59"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.58"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.57"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.56"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.55"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.54"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.53"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.52"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.51"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.50"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.49"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.48"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.47"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.46"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.45"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.44"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.43"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.42"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.41"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.40"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.4"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.38"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.37"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.36"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.35"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.34"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.33"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.30"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.29"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.28"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.27"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.26"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.25"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.24"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.23"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.22"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.21"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.20"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.2"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.19"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.18"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.17"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.16"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.15"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.14"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.13"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.12"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.11"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.10"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.9"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.8"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.5"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.4"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.3"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.18"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.17"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.16"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.15"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.14"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.13"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.12"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.11"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.10"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.0"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.996"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.992"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.98"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.96"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.95"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.7"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.5"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.4"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.37"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "model": "enterprise linux workstation optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux workstation optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.4"
          },
          {
            "model": "enterprise linux server optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server for arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux server eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.4"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.2"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server extended update suppor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server year extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-47.2"
          },
          {
            "model": "enterprise linux server year extended upd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-47.3"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "enterprise linux long life server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5.9"
          },
          {
            "model": "enterprise linux hpc node optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power little endian extended update suppo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for power little endian extended update suppo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux desktop optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux computenode optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux computenode optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux computenode optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux computenode eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux computenode eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux computenode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7.6"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6.10"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5.7"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.2"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.1.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.2"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.4.4"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fedoraproject",
            "version": "27"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-30",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "7"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "6"
          },
          {
            "model": "dnsmasq",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.78"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.8"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7.7"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6.11"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5.8"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008620"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-745"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14493"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:canonical:ubuntu",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:debian:debian_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:opensuse_project:leap",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:thekelleys:dnsmasq",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_workstation",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008620"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Gabriel Campana, Kevin Hamacher and Ron Bowes of the Google Security Team,Felix Wilhelm, Fermin J. Serna",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-745"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2017-14493",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2017-14493",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-14493",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-14493",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-14493",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201709-745",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-14493",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14493"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008620"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-745"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14493"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: dnsmasq security update\nAdvisory ID:       RHSA-2017:2836-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:2836\nIssue date:        2017-10-02\nCVE Names:         CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 \n                   CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 \n=====================================================================\n\n1. Summary:\n\nAn update for dnsmasq is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name\nServer) forwarder and DHCP (Dynamic Host Configuration Protocol) server. \n\nSecurity Fix(es):\n\n* A heap buffer overflow was found in dnsmasq in the code responsible for\nbuilding DNS replies. \n(CVE-2017-14491)\n\n* A heap buffer overflow was discovered in dnsmasq in the IPv6 router\nadvertisement (RA) handling code. This issue only affected\nconfigurations using one of these options: enable-ra, ra-only, slaac,\nra-names, ra-advrouter, or ra-stateless. (CVE-2017-14492)\n\n* A stack buffer overflow was found in dnsmasq in the DHCPv6 code. (CVE-2017-14493)\n\n* An information leak was found in dnsmasq in the DHCPv6 relay code. An\nattacker on the local network could send crafted DHCPv6 packets to dnsmasq\ncausing it to forward the contents of process memory, potentially leaking\nsensitive data. (CVE-2017-14494)\n\n* A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An\nattacker could send crafted DNS packets which would trigger memory\nallocations which would never be freed, leading to unbounded memory\nconsumption and eventually a crash. This issue only affected configurations\nusing one of the options: add-mac, add-cpe-id, or add-subnet. \n(CVE-2017-14495)\n\n* An integer underflow flaw leading to a buffer over-read was found in\ndnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to\ndnsmasq which would cause it to crash. This issue only affected\nconfigurations using one of the options: add-mac, add-cpe-id, or\nadd-subnet. (CVE-2017-14496)\n\nRed Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. \nSerna (Google Security Team), Gabriel Campana (Google Security Team), Kevin\nHamacher (Google Security Team), and Ron Bowes (Google Security Team) for\nreporting these issues. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies\n1495410 - CVE-2017-14492 dnsmasq: heap overflow in the IPv6 router advertisement code\n1495411 - CVE-2017-14493 dnsmasq: stack buffer overflow in the DHCPv6 code\n1495412 - CVE-2017-14494 dnsmasq: information leak in the DHCPv6 relay code\n1495415 - CVE-2017-14495 dnsmasq: memory exhaustion vulnerability in the EDNS0 code\n1495416 - CVE-2017-14496 dnsmasq: integer underflow leading to buffer over-read in the EDNS0 code\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\naarch64:\ndnsmasq-2.76-2.el7_4.2.aarch64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm\n\nppc64:\ndnsmasq-2.76-2.el7_4.2.ppc64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm\n\nppc64le:\ndnsmasq-2.76-2.el7_4.2.ppc64le.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm\n\ns390x:\ndnsmasq-2.76-2.el7_4.2.s390x.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\naarch64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.aarch64.rpm\n\nppc64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.ppc64.rpm\n\nppc64le:\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm\ndnsmasq-utils-2.76-2.el7_4.2.ppc64le.rpm\n\ns390x:\ndnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm\ndnsmasq-utils-2.76-2.el7_4.2.s390x.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-14491\nhttps://access.redhat.com/security/cve/CVE-2017-14492\nhttps://access.redhat.com/security/cve/CVE-2017-14493\nhttps://access.redhat.com/security/cve/CVE-2017-14494\nhttps://access.redhat.com/security/cve/CVE-2017-14495\nhttps://access.redhat.com/security/cve/CVE-2017-14496\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://access.redhat.com/security/vulnerabilities/3199382\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFZ0opYXlSAg2UNWIIRAr0dAJ9rIL1FgNTJUf2I9jjKFFlfkCd/kwCfV+bX\nSfoCV7+qG2nwqlHKLZOlhIU=\n=iWfU\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n===========================================================================\nUbuntu Security Notice USN-3430-3\nJanuary 04, 2018\n\ndnsmasq regression\n===========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 ESM\n\nSummary:\n\nUSN-3430-2 introduced regression in Dnsmasq. \n\nSoftware Description:\n- dnsmasq: Small caching DNS proxy and DHCP/TFTP server\n\nDetails:\n\nUSN-3430-2 fixed several vulnerabilities. The update introduced a new\nregression that breaks DNS resolution. This update addresses the\nproblem. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. \n(CVE-2017-14491)\n\nFelix Wilhelm, Fermin J. (CVE-2017-14492)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DHCPv6 requests. \n(CVE-2017-14493)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14495)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14496)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 ESM:\n dnsmasq=C2=A02.59-4ubuntu0.4\n dnsmasq-base2.59-4ubuntu0.4\n dnsmasq-utils2.59-4ubuntu0.4\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. 7.3) - ppc64, ppc64le, s390x, x86_64\n\n3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201710-27\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Dnsmasq: Multiple vulnerabilities\n     Date: October 23, 2017\n     Bugs: #632692\n       ID: 201710-27\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Dnsmasq, the worst of which\nmay allow remote attackers to execute arbitrary code. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-dns/dnsmasq               \u003c 2.78                     \u003e= 2.78 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Dnsmasq. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Dnsmasq users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-dns/dnsmasq-2.78\"\n\nReferences\n==========\n\n[ 1 ] CVE-2017-14491\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491\n[ 2 ] CVE-2017-14492\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492\n[ 3 ] CVE-2017-14493\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493\n[ 4 ] CVE-2017-14494\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494\n[ 5 ] CVE-2017-14495\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495\n[ 6 ] CVE-2017-14496\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201710-27\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2017 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-14493"
          },
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008620"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14493"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          }
        ],
        "trust": 3.24
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=42943",
            "trust": 0.1,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14493"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#973527",
            "trust": 3.6
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14493",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "101085",
            "trust": 2.0
          },
          {
            "db": "SECTRACK",
            "id": "1039474",
            "trust": 1.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "42943",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-332-01",
            "trust": 0.9
          },
          {
            "db": "JVN",
            "id": "JVNVU93453933",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008620",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-745",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14493",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144490",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144484",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145652",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144477",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144469",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144706",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14493"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008620"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-745"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14493"
          }
        ]
      },
      "id": "VAR-201710-0449",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.25396827
      },
      "last_update_date": "2025-04-20T20:13:40.774000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "DSA-3989",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3989"
          },
          {
            "title": "Security Bulletin: NVIDIA Tegra Jetson L4T contains multiple vulnerabilities; updates for \u201cBlueBorne\u201d and \u201cDnsmasq\u201d.",
            "trust": 0.8,
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
          },
          {
            "title": "openSUSE-SU-2017:2633",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"
          },
          {
            "title": "RHSA-2017:2836",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/RHSA-2017:2836"
          },
          {
            "title": "RHSA-2017:2837",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/RHSA-2017:2837"
          },
          {
            "title": "Security fix, CVE-2017-14493, DHCPv6 - Stack buffer overflow.",
            "trust": 0.8,
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=3d4ff1ba8419546490b464418223132529514033"
          },
          {
            "title": "CHANGELOG",
            "trust": 0.8,
            "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG"
          },
          {
            "title": "USN-3430-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3430-1/"
          },
          {
            "title": "USN-3430-2",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3430-2/"
          },
          {
            "title": "Dnsmasq Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92841"
          },
          {
            "title": "Red Hat: Critical: dnsmasq security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172837 - Security Advisory"
          },
          {
            "title": "Red Hat: Critical: dnsmasq security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172836 - Security Advisory"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-14493"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-2"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq regression",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-3"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3989-1 dnsmasq -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=5c18698ecfe74c7de381531f8ed44dcf"
          },
          {
            "title": "Amazon Linux 2: ALAS2-2019-1251",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2019-1251"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2017-907",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2017-907"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-1] dnsmasq: multiple issues",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-1"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6283337cd31f81f24d445925f2138c0e"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
          },
          {
            "title": "bof-dnsmasq-cve-2017-14493",
            "trust": 0.1,
            "url": "https://github.com/pupiles/bof-dnsmasq-cve-2017-14493 "
          },
          {
            "title": "Safe libc",
            "trust": 0.1,
            "url": "https://github.com/introspection-libc/main "
          },
          {
            "title": "What is this?\nHow does it work?\nHow to build the toolchain\nHow to build a program using the safe libc\nAnd in the real world?",
            "trust": 0.1,
            "url": "https://github.com/pekd/safe-libc "
          },
          {
            "title": "What is this?\nHow does it work?\nHow to build the toolchain\nHow to build a program using the safe libc\nAnd in the real world?",
            "trust": 0.1,
            "url": "https://github.com/introspection-libc/safe-libc "
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/lnick2023/nicenice "
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/qazbnm456/awesome-cve-poc "
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/google-warns-of-dos-and-rce-bugs-in-dnsmasq/128238/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14493"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008620"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-745"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-121",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008620"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14493"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.9,
            "url": "https://www.kb.cert.org/vuls/id/973527"
          },
          {
            "trust": 2.8,
            "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
          },
          {
            "trust": 2.3,
            "url": "http://www.securityfocus.com/bid/101085"
          },
          {
            "trust": 2.2,
            "url": "https://access.redhat.com/errata/rhsa-2017:2837"
          },
          {
            "trust": 2.1,
            "url": "https://access.redhat.com/errata/rhsa-2017:2836"
          },
          {
            "trust": 2.0,
            "url": "http://www.debian.org/security/2017/dsa-3989"
          },
          {
            "trust": 1.7,
            "url": "http://www.thekelleys.org.uk/dnsmasq/doc.html"
          },
          {
            "trust": 1.4,
            "url": "http://www.ubuntu.com/usn/usn-3430-1"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14493"
          },
          {
            "trust": 1.3,
            "url": "https://access.redhat.com/security/vulnerabilities/3199382"
          },
          {
            "trust": 1.2,
            "url": "https://www.exploit-db.com/exploits/42943/"
          },
          {
            "trust": 1.2,
            "url": "http://www.ubuntu.com/usn/usn-3430-2"
          },
          {
            "trust": 1.2,
            "url": "https://security.gentoo.org/glsa/201710-27"
          },
          {
            "trust": 1.1,
            "url": "http://thekelleys.org.uk/dnsmasq/changelog"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1039474"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"
          },
          {
            "trust": 1.1,
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
          },
          {
            "trust": 1.1,
            "url": "https://www.synology.com/support/security/synology_sa_17_59_dnsmasq"
          },
          {
            "trust": 1.1,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-005.txt"
          },
          {
            "trust": 1.1,
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3ba=commit%3bh=3d4ff1ba8419546490b464418223132529514033"
          },
          {
            "trust": 1.1,
            "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"
          },
          {
            "trust": 1.1,
            "url": "https://access.redhat.com/security/cve/cve-2017-14491"
          },
          {
            "trust": 1.1,
            "url": "https://access.redhat.com/security/cve/cve-2017-14492"
          },
          {
            "trust": 1.1,
            "url": "https://access.redhat.com/security/cve/cve-2017-14493"
          },
          {
            "trust": 1.1,
            "url": "https://access.redhat.com/security/cve/cve-2017-14494"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14495"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14496"
          },
          {
            "trust": 0.9,
            "url": "http://www.thekelleys.org.uk/dnsmasq/changelog"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14491.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14492.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14493.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14494.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14495.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/kubernetes/kubernetes/blob/master/changelog.md"
          },
          {
            "trust": 0.9,
            "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2017\u0026m=slackware-security.601472"
          },
          {
            "trust": 0.9,
            "url": "https://source.android.com/security/bulletin/2017-10-01"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495410"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495411"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495412"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495415"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495416"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495510"
          },
          {
            "trust": 0.9,
            "url": "https://access.redhat.com/security/cve/cve-2017-13704"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14496.py"
          },
          {
            "trust": 0.9,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-332-01"
          },
          {
            "trust": 0.8,
            "url": "https://www.ruckuswireless.com/security"
          },
          {
            "trust": 0.8,
            "url": "https://www.zyxel.com/support/announcement_dnsmasq_vulnerabilities.shtml"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14493"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu93453933/index.html"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14491"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14494"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14492"
          },
          {
            "trust": 0.6,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409bug1495409"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14496"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14495"
          },
          {
            "trust": 0.3,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409 bug 1495409"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.2,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/pupiles/bof-dnsmasq-cve-2017-14493"
          },
          {
            "trust": 0.1,
            "url": "https://tools.cisco.com/security/center/viewalert.x?alertid=55496"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/bugs/1741262"
          },
          {
            "trust": 0.1,
            "url": "https://www.ubuntu.com/usn/usn-3430-3"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.76-5ubuntu0.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.75-1ubuntu0.16.04.3"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.68-1ubuntu0.2"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14495"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14493"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14492"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14491"
          },
          {
            "trust": 0.1,
            "url": "https://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14496"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14494"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14493"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008620"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-745"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14493"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14493"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008620"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-745"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14493"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "date": "2017-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14493"
          },
          {
            "date": "2017-10-02T00:00:00",
            "db": "BID",
            "id": "101085"
          },
          {
            "date": "2017-10-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008620"
          },
          {
            "date": "2017-10-03T20:21:00",
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "date": "2017-10-03T05:19:24",
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "date": "2018-01-04T17:50:40",
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "date": "2017-10-02T11:11:00",
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "date": "2017-10-02T13:13:00",
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "date": "2017-10-23T13:54:05",
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "date": "2017-09-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-745"
          },
          {
            "date": "2017-10-03T01:29:02.077000",
            "db": "NVD",
            "id": "CVE-2017-14493"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-02-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14493"
          },
          {
            "date": "2017-10-02T00:00:00",
            "db": "BID",
            "id": "101085"
          },
          {
            "date": "2017-10-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008620"
          },
          {
            "date": "2019-05-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-745"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-14493"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-745"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "dnsmasq Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008620"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-745"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-745"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0214

    Vulnerability from variot - Updated: 2025-04-20 20:05

    Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network re-installs the tunnel in the TDLS handshake. The TPK key vulnerability exists when the PeerKey is set up directly. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: wpa_supplicant security update Advisory ID: RHSA-2017:2907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2907 Issue date: 2017-10-17 CVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 =====================================================================

    1. Summary:

    An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64

    1. Description:

    The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1491692 - CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake 1491693 - CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake 1491696 - CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake 1491698 - CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it 1500302 - CVE-2017-13086 wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake 1500303 - CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame 1500304 - CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame

    1. Package List:

    Red Hat Enterprise Linux Client (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    aarch64: wpa_supplicant-2.6-5.el7_4.1.aarch64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm

    ppc64: wpa_supplicant-2.6-5.el7_4.1.ppc64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm

    ppc64le: wpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm

    s390x: wpa_supplicant-2.6-5.el7_4.1.s390x.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2017-13077 https://access.redhat.com/security/cve/CVE-2017-13078 https://access.redhat.com/security/cve/CVE-2017-13080 https://access.redhat.com/security/cve/CVE-2017-13082 https://access.redhat.com/security/cve/CVE-2017-13086 https://access.redhat.com/security/cve/CVE-2017-13087 https://access.redhat.com/security/cve/CVE-2017-13088 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kracks

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).

    An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.

    For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.

    For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.

    For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.

    We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017

    wpa vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 17.04
    • Ubuntu 16.04 LTS
    • Ubuntu 14.04 LTS

    Summary:

    Several security issues were fixed in wpa_supplicant.

    Software Description: - wpa: client support for WPA and WPA2

    Details:

    Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1

    Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2

    Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5

    After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    ============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project

    Topic: WPA2 protocol vulnerability

    Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

    1. Revision history

    v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.

    I.

    hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.

    II. Problem Description

    A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.

    III. Impact

    Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.

    IV. Workaround

    An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"

    and restart networking.

    An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    hostapd_program="/usr/local/sbin/hostapd"

    and restart hostapd.

    V. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    2) To update your vulnerable system via a binary patch:

    Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:

    freebsd-update fetch

    freebsd-update install

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    3) To update your vulnerable system via a source code patch:

    The following patches have been verified to apply to the applicable FreeBSD release branches.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    [FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc

    gpg --verify wpa-11.patch.asc

    [FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc

    gpg --verify wpa-10.patch.asc

    b) Apply the patch. Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    c) Recompile the operating system using buildworld and installworld as described in .

    Restart the applicable daemons, or reboot the system.

    VI. Correction details

    The following list contains the correction revision numbers for each affected branch.

    Branch/path Revision


    stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741


    To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:

    svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

    Or visit the following URL, replacing NNNNNN with the revision number:

    VII. References

    The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE----- .

    Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+

    Where to find the new packages: +-----------------------------+

    Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

    Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

    Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz

    Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz

    Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz

    Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz

    Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz

    MD5 signatures: +-------------+

    Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz

    Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz

    Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz

    Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz

    Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz

    Installation instructions: +------------------------+

    Upgrade the package as root:

    upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz

    +-----+

    Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

    +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0214",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "linux enterprise point of sale",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "openstack cloud",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "6"
          },
          {
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.7"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "9front",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "adtran",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aerohive",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "alcatel lucent",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "android open source",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "arch linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aruba",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "barracuda",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "broadcom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cambium",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "centos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cradlepoint",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cypress semiconductor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dell",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "digi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "draytek",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "edimax computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "endian",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "espressif",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "extreme",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "f secure",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fedora",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hostap",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ipfire",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lancom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lede",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lifx",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lenovo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microchip",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mojo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nest",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opnsense",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "omnirom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "open mesh",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "peplink",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "riverbed",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rockwell automation",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "suse linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "samsung mobile",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sonos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sony",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sophos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "synology",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "tp link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "texas instruments",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba commerce",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba electronic devices storage",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba memory",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "turris omnia",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "volumio",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "watchguard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xiaomi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xirrus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zebra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dd wrt",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "eero",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pfsense",
            "version": null
          },
          {
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "model": "freebsd",
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "model": "linux enterprise desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise point of sale",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise server",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "openstack cloud",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "hostapd",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "wpa supplicant",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "edge gateway",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "model": "sr-m20ac1",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "sr-m20ac2",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "alliance wi-fi protected access 2",
            "scope": null,
            "trust": 0.6,
            "vendor": "wi fi",
            "version": null
          },
          {
            "model": "scalance w-700",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.1"
          },
          {
            "model": "pyxis supplystation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "sinamics smart access module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "v200"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.27.3264"
          },
          {
            "model": "meraki mr34",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ck71a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2.0"
          },
          {
            "model": "macbook air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18500"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.0"
          },
          {
            "model": "meraki mr26",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "28000"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr84",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "510x0"
          },
          {
            "model": "windows server r2 for itanium-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "contact itc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "81130"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.0.0"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr18",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.3"
          },
          {
            "model": "scalance w1750d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "secure ii med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "210x0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "aironet access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "wap371 wireless-ac n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "contact rad-80211-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "contact fl wlan dap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.25"
          },
          {
            "model": "pyxis medstation es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "wireless ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88210"
          },
          {
            "model": "pyxis stockstation system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "macbook",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.2"
          },
          {
            "model": "scalance wlc712",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "contact fl wlan spa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "meraki mr62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic et200 pro im154-6 pn iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "tropos broadband mesh routers and bridges",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "abb",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.2"
          },
          {
            "model": "meraki mr33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "micros handheld terminal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.2"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4.1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.6"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "110x0"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.4"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": "contact fl comserver wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "232/422/4850"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.8"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7."
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1.91.3272"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.9"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "230802-110"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.1"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.5"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18150"
          },
          {
            "model": "wireless client bridge 2.0.0.1-aruba501-b00",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.2"
          },
          {
            "model": "airport express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "clarity engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0"
          },
          {
            "model": "meraki mr30h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "windows server r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "contact bl2 bpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "watch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "4.0"
          },
          {
            "model": "ruggedcom rx1400",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "cn70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "pyxis parx handheld",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.40.100"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1.1"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "windows rt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.1"
          },
          {
            "model": "meraki mr42",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.6"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.3"
          },
          {
            "model": "wap561 wireless-n dual radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.26.3000"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6"
          },
          {
            "model": "tvos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2016"
          },
          {
            "model": "contact rad-whg/wlan-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.3"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.4.0"
          },
          {
            "model": "suremark printer 2nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.0.0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.8"
          },
          {
            "model": "windows server for x64-based systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "pyxis supply roller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.3"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3"
          },
          {
            "model": "telepresence collaboration endpoint",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2.61.3535"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "70xx0"
          },
          {
            "model": "imac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr72",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.25.3001"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2"
          },
          {
            "model": "meraki mr53",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "wap551 wireless-n single radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.0.0"
          },
          {
            "model": "wap121 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.5"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.0.1000"
          },
          {
            "model": "wireless client bridge 1.0.1.3-hp501-b0012",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "i.roc ci70-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.0.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1"
          },
          {
            "model": "cn70e-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.0.0.0"
          },
          {
            "model": "meraki mr24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "suremark printer 1nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "50xx0"
          },
          {
            "model": "meraki mr74",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.15"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.20"
          },
          {
            "model": "anyconnect secure mobility client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.1"
          },
          {
            "model": "systems esp32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "micros handheld terminal 2.03.0.0.021r",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "38000"
          },
          {
            "model": "pyxis parx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dx70",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1.9"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2141"
          },
          {
            "model": "pyxis anesthesia es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "aironet series officeextend access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18100"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.55.3000"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "model": "meraki mr66",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2131"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18300"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.0.50.1004"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.1.0"
          },
          {
            "model": "wap321 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic iwlan-pb/link",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "aironet 1810w series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "meraki mr52",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airmesh msr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.20"
          },
          {
            "model": "watchos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "model": "contact fl wlan ec",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.8"
          },
          {
            "model": "systems esp8266",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "pad-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.0.1205"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88610"
          },
          {
            "model": "clarity engine",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0.0.1"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15600"
          },
          {
            "model": "windows for 32-bit systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.5"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.8"
          },
          {
            "model": "windows for x64-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "meraki mr58",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.2"
          },
          {
            "model": "pyxis parassist system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "windows server for 32-bit systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "model": "simatic mobile panel 277 iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "pyxis medstation t2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.0.0"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "30xx0"
          },
          {
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.6"
          },
          {
            "model": "wireless client bridge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "5010"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.5"
          },
          {
            "model": "meraki mr11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.3"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.2"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "35000"
          },
          {
            "model": "automation stratix 15.3 jc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rockwell",
            "version": "5100"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "pyxis ciisafe workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "??0"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.0.0"
          },
          {
            "model": "ipad air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1.71.3608"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.41.3024"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "model": "dx80",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.0"
          },
          {
            "model": "contact bl2 ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "contact tpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "60130"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1"
          },
          {
            "model": "ck70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.20"
          },
          {
            "model": "macbook pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.8"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.5"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.4"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.3"
          },
          {
            "model": "tab-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "macmini",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.16"
          },
          {
            "model": "contact fl wlan epa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "airport time capsule",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "alliance wpa2 (wi-fi protected access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wi fi",
            "version": "2)0"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.9"
          },
          {
            "model": "scalance wlc711",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "ruggedcom rs9xxw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.15"
          },
          {
            "model": "networks unifi access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubiquiti",
            "version": "0"
          },
          {
            "model": "suremark printer 2cr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88650"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "asa 5506w-x w/ firepower services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.9"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3005"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.0.0.0"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2010"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": "alliance",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wi fi",
            "version": "*"
          },
          {
            "model": "protected access 2",
            "scope": null,
            "trust": 0.2,
            "vendor": "wi fi",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "677462e3-ebb6-4e50-89c1-86a854509d8d"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30399"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009177"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-387"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13086"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:canonical:ubuntu",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:debian:debian_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:freebsd:freebsd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:opensuse_project:leap",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:suse_linux_enterprise_point_of_sale",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:suse:openstack_cloud",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:hostapd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:wpa_supplicant",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:nec:nec_edge_gateway",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009177"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
        "sources": [
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-387"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2017-13086",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CVE-2017-13086",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CNVD-2017-30399",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "677462e3-ebb6-4e50-89c1-86a854509d8d",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.6,
                "id": "CVE-2017-13086",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-13086",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-13086",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-30399",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201710-387",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "677462e3-ebb6-4e50-89c1-86a854509d8d",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-13086",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "677462e3-ebb6-4e50-89c1-86a854509d8d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30399"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13086"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009177"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-387"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13086"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network re-installs the tunnel in the TDLS handshake. The TPK key vulnerability exists when the PeerKey is set up directly. WPA2  is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: wpa_supplicant security update\nAdvisory ID:       RHSA-2017:2907-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:2907\nIssue date:        2017-10-17\nCVE Names:         CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 \n                   CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 \n                   CVE-2017-13088 \n=====================================================================\n\n1. Summary:\n\nAn update for wpa_supplicant is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe wpa_supplicant packages contain an 802.1X Supplicant with support for\nWEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication\nmethods. They implement key negotiation with a WPA Authenticator for client\nstations and controls the roaming and IEEE 802.11 authentication and\nassociation of the WLAN driver. A remote attacker within Wi-Fi range\ncould exploit these attacks to decrypt Wi-Fi traffic or possibly inject\nforged Wi-Fi packets by manipulating cryptographic handshakes used by the\nWPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream\nacknowledges Mathy Vanhoef (University of Leuven) as the original reporter\nof these issues. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1491692 - CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake\n1491693 - CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake\n1491696 - CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake\n1491698 - CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it\n1500302 - CVE-2017-13086 wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake\n1500303 - CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame\n1500304 - CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\naarch64:\nwpa_supplicant-2.6-5.el7_4.1.aarch64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm\n\nppc64:\nwpa_supplicant-2.6-5.el7_4.1.ppc64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm\n\nppc64le:\nwpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm\n\ns390x:\nwpa_supplicant-2.6-5.el7_4.1.s390x.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-13077\nhttps://access.redhat.com/security/cve/CVE-2017-13078\nhttps://access.redhat.com/security/cve/CVE-2017-13080\nhttps://access.redhat.com/security/cve/CVE-2017-13082\nhttps://access.redhat.com/security/cve/CVE-2017-13086\nhttps://access.redhat.com/security/cve/CVE-2017-13087\nhttps://access.redhat.com/security/cve/CVE-2017-13088\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kracks\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n  hostapd                         2.4-0ubuntu9.1\n  wpasupplicant                   2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n  hostapd                         2.4-0ubuntu6.2\n  wpasupplicant                   2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n  hostapd                         2.1-0ubuntu1.5\n  wpasupplicant                   2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa                                        Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          WPA2 protocol vulnerability\n\nCategory:       contrib\nModule:         wpa\nAnnounced:      2017-10-16\nCredits:        Mathy Vanhoef\nAffects:        All supported versions of FreeBSD. \nCorrected:      2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n                2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n                2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n                2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n                2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n                2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name:       CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n                CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n                CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0.   Revision history\n\nv1.0  2017-10-17 Initial release. \nv1.1  2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII.  Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV.  Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch.  Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI.  Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path                                                      Revision\n- -------------------------------------------------------------------------\nstable/11/                                                        r324697\nreleng/11.0/                                                      r324698\nreleng/11.1/                                                      r324699\nstable/10/                                                        r324739\nreleng/10.3/                                                      r324740\nreleng/10.4/                                                      r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz:  Upgraded. \n  This update includes patches to mitigate the WPA2 protocol issues known\n  as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n  hijack TCP connections, and to forge and inject packets. \n  CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n    Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n    while processing it. \n  For more information, see:\n    https://www.krackattacks.com/\n    https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019  wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825  wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0  wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352  wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185  wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4  wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe  n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160  n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13086"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009177"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30399"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "IVD",
            "id": "677462e3-ebb6-4e50-89c1-86a854509d8d"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13086"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          }
        ],
        "trust": 3.87
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "trust": 4.2
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13086",
            "trust": 4.1
          },
          {
            "db": "BID",
            "id": "101274",
            "trust": 2.6
          },
          {
            "db": "LENOVO",
            "id": "LEN-17420",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1039577",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039576",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039581",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039578",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039573",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-901333",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-005",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-18-114-01",
            "trust": 1.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-19-029-01",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-353-02",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-01",
            "trust": 1.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30399",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-387",
            "trust": 0.8
          },
          {
            "db": "JUNIPER",
            "id": "JSA10827",
            "trust": 0.8
          },
          {
            "db": "DLINK",
            "id": "SAP10075",
            "trust": 0.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02A",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU90609033",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009177",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.4125",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-299-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-325-01",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "677462E3-EBB6-4E50-89C1-86A854509D8D",
            "trust": 0.2
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13086",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144652",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144630",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144632",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144669",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144663",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "677462e3-ebb6-4e50-89c1-86a854509d8d"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30399"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13086"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009177"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-387"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13086"
          }
        ]
      },
      "id": "VAR-201710-0214",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "677462e3-ebb6-4e50-89c1-86a854509d8d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30399"
          }
        ],
        "trust": 1.400319345
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "677462e3-ebb6-4e50-89c1-86a854509d8d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30399"
          }
        ]
      },
      "last_update_date": "2025-04-20T20:05:54.015000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "ARUBA-PSA-2017-007",
            "trust": 0.8,
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "title": "DSA-3999",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3999"
          },
          {
            "title": "FreeBSD-SA-17:07.wpa",
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "title": "LEN-17420",
            "trust": 0.8,
            "url": "https://support.lenovo.com/jp/en/product_security/len-17420"
          },
          {
            "title": "NV17-024",
            "trust": 0.8,
            "url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
          },
          {
            "title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "title": "RHSA-2017:2907",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/RHSA-2017:2907"
          },
          {
            "title": "USN-3455-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3455-1/"
          },
          {
            "title": "WPA packet number reuse with replayed messages and key reinstallation",
            "trust": 0.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066 ",
            "trust": 0.8,
            "url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
          },
          {
            "title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.iodata.jp/support/information/2017/wpa2/"
          },
          {
            "title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b ",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/info/20171110/"
          },
          {
            "title": "WPA2 Wireless Network TPK Key Reload Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/103825"
          },
          {
            "title": "Multiple WiFi product WPA2 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75501"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172907 - Security Advisory"
          },
          {
            "title": "Red Hat: CVE-2017-13086",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2017-13086"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-13086"
          },
          {
            "title": "Ubuntu Security Notice: wpa vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3455-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
          },
          {
            "title": "KRACK",
            "trust": 0.1,
            "url": "https://github.com/chinatso/KRACK "
          },
          {
            "title": "krackinfo",
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo "
          },
          {
            "title": "nixos-issue-db-example",
            "trust": 0.1,
            "url": "https://github.com/andir/nixos-issue-db-example "
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-30399"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13086"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009177"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-387"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-323",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-330",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-254",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009177"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13086"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.7,
            "url": "https://www.krackattacks.com/"
          },
          {
            "trust": 3.3,
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "trust": 2.9,
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "trust": 2.8,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "trust": 2.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
          },
          {
            "trust": 2.6,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "trust": 2.5,
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "trust": 2.2,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "trust": 1.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-3455-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "trust": 1.7,
            "url": "https://support.lenovo.com/us/en/product_security/len-17420"
          },
          {
            "trust": 1.7,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 1.7,
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "trust": 1.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
          },
          {
            "trust": 1.2,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
          },
          {
            "trust": 1.1,
            "url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
          },
          {
            "trust": 1.1,
            "url": "https://w1.fi/security/2017-1/"
          },
          {
            "trust": 1.1,
            "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
          },
          {
            "trust": 1.1,
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
          },
          {
            "trust": 0.8,
            "url": "https://cwe.mitre.org/data/definitions/323.html"
          },
          {
            "trust": 0.8,
            "url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
          },
          {
            "trust": 0.8,
            "url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.al-enterprise.com/en/support/security-alert-krack"
          },
          {
            "trust": 0.8,
            "url": "https://support.apple.com/en-gb/ht208222"
          },
          {
            "trust": 0.8,
            "url": "https://security.archlinux.org/avg-447"
          },
          {
            "trust": 0.8,
            "url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
          },
          {
            "trust": 0.8,
            "url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
          },
          {
            "trust": 0.8,
            "url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
          },
          {
            "trust": 0.8,
            "url": "https://community.cypress.com/docs/doc-13871"
          },
          {
            "trust": 0.8,
            "url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
          },
          {
            "trust": 0.8,
            "url": "http://www.dell.com/support/article/sln307822"
          },
          {
            "trust": 0.8,
            "url": "https://github.com/espressif/esp8266_nonos_sdk"
          },
          {
            "trust": 0.8,
            "url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
          },
          {
            "trust": 0.8,
            "url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
          },
          {
            "trust": 0.8,
            "url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
          },
          {
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 0.8,
            "url": "https://bugs.gentoo.org/634440"
          },
          {
            "trust": 0.8,
            "url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
          },
          {
            "trust": 0.8,
            "url": "https://kb.juniper.net/jsa10827"
          },
          {
            "trust": 0.8,
            "url": "https://support.lenovo.com/ca/en/product_security/len-17420"
          },
          {
            "trust": 0.8,
            "url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
          },
          {
            "trust": 0.8,
            "url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
          },
          {
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
          },
          {
            "trust": 0.8,
            "url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
          },
          {
            "trust": 0.8,
            "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
          },
          {
            "trust": 0.8,
            "url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
          },
          {
            "trust": 0.8,
            "url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
          },
          {
            "trust": 0.8,
            "url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
          },
          {
            "trust": 0.8,
            "url": "https://community.sophos.com/kb/en-us/127658"
          },
          {
            "trust": 0.8,
            "url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
          },
          {
            "trust": 0.8,
            "url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
          },
          {
            "trust": 0.8,
            "url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
          },
          {
            "trust": 0.8,
            "url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
          },
          {
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "trust": 0.8,
            "url": "http://en.miui.com/thread-954223-1-1.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
          },
          {
            "trust": 0.8,
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
          },
          {
            "trust": 0.8,
            "url": "https://community.rsa.com/docs/doc-84103"
          },
          {
            "trust": 0.8,
            "url": "https://support.f5.com/csp/article/k23642330"
          },
          {
            "trust": 0.8,
            "url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
          },
          {
            "trust": 0.8,
            "url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
          },
          {
            "trust": 0.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
          },
          {
            "trust": 0.8,
            "url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu90609033/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
          },
          {
            "trust": 0.6,
            "url": "https://www.kb.cert.org/vuls/id/228519/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13077"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13078"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13080"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13082"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13086"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13087"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13088"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
          },
          {
            "trust": 0.3,
            "url": "http://www.wi-fi.org/index.php"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-ie/ht208847"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208334"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208327"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208325"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13081"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13084"
          },
          {
            "trust": 0.3,
            "url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/330.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://www.krackattacks.com/\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
          },
          {
            "trust": 0.1,
            "url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/gpg-key"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://osuosl.org)"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30399"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13086"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009177"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-387"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13086"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "677462e3-ebb6-4e50-89c1-86a854509d8d"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30399"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13086"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009177"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-387"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13086"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-17T00:00:00",
            "db": "IVD",
            "id": "677462e3-ebb6-4e50-89c1-86a854509d8d"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30399"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13086"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2017-11-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009177"
          },
          {
            "date": "2017-10-17T16:52:00",
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "date": "2017-10-16T13:49:34",
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "date": "2017-10-16T23:23:00",
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "date": "2017-10-19T14:28:55",
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "date": "2017-10-18T20:44:00",
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-387"
          },
          {
            "date": "2017-10-17T13:29:00.553000",
            "db": "NVD",
            "id": "CVE-2017-13086"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30399"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13086"
          },
          {
            "date": "2019-02-21T09:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2019-02-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009177"
          },
          {
            "date": "2020-11-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-387"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-13086"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-387"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-387"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0448

    Vulnerability from variot - Updated: 2025-04-20 19:55

    Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Attackers can exploit these issues to execute arbitrary code within the context of the affected application, bypass the ASLR, gain sensitive information, or cause a denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: dnsmasq security update Advisory ID: RHSA-2017:2836-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2836 Issue date: 2017-10-02 CVE Names: CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 =====================================================================

    1. Summary:

    An update for dnsmasq is now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

    1. Description:

    The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.

    Security Fix(es):

    • A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless. (CVE-2017-14492)

    • A stack buffer overflow was found in dnsmasq in the DHCPv6 code. (CVE-2017-14493)

    • An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local network could send crafted DHCPv6 packets to dnsmasq causing it to forward the contents of process memory, potentially leaking sensitive data. (CVE-2017-14494)

    • A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory allocations which would never be freed, leading to unbounded memory consumption and eventually a crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. (CVE-2017-14495)

    • An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. (CVE-2017-14496)

    Red Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. Serna (Google Security Team), Gabriel Campana (Google Security Team), Kevin Hamacher (Google Security Team), and Ron Bowes (Google Security Team) for reporting these issues.

    1. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies 1495410 - CVE-2017-14492 dnsmasq: heap overflow in the IPv6 router advertisement code 1495411 - CVE-2017-14493 dnsmasq: stack buffer overflow in the DHCPv6 code 1495412 - CVE-2017-14494 dnsmasq: information leak in the DHCPv6 relay code 1495415 - CVE-2017-14495 dnsmasq: memory exhaustion vulnerability in the EDNS0 code 1495416 - CVE-2017-14496 dnsmasq: integer underflow leading to buffer over-read in the EDNS0 code

    1. Package List:

    Red Hat Enterprise Linux Client (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Client Optional (v. 7):

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode Optional (v. 7):

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    aarch64: dnsmasq-2.76-2.el7_4.2.aarch64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm

    ppc64: dnsmasq-2.76-2.el7_4.2.ppc64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm

    ppc64le: dnsmasq-2.76-2.el7_4.2.ppc64le.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm

    s390x: dnsmasq-2.76-2.el7_4.2.s390x.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Server Optional (v. 7):

    aarch64: dnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm dnsmasq-utils-2.76-2.el7_4.2.aarch64.rpm

    ppc64: dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm dnsmasq-utils-2.76-2.el7_4.2.ppc64.rpm

    ppc64le: dnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm dnsmasq-utils-2.76-2.el7_4.2.ppc64le.rpm

    s390x: dnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm dnsmasq-utils-2.76-2.el7_4.2.s390x.rpm

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: dnsmasq-2.76-2.el7_4.2.src.rpm

    x86_64: dnsmasq-2.76-2.el7_4.2.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm

    Red Hat Enterprise Linux Workstation Optional (v. 7):

    x86_64: dnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2017-14491 https://access.redhat.com/security/cve/CVE-2017-14492 https://access.redhat.com/security/cve/CVE-2017-14493 https://access.redhat.com/security/cve/CVE-2017-14494 https://access.redhat.com/security/cve/CVE-2017-14495 https://access.redhat.com/security/cve/CVE-2017-14496 https://access.redhat.com/security/updates/classification/#critical https://access.redhat.com/security/vulnerabilities/3199382

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iD8DBQFZ0opYXlSAg2UNWIIRAr0dAJ9rIL1FgNTJUf2I9jjKFFlfkCd/kwCfV+bX SfoCV7+qG2nwqlHKLZOlhIU= =iWfU -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . =========================================================================== Ubuntu Security Notice USN-3430-3 January 04, 2018

    dnsmasq regression

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 12.04 ESM

    Summary:

    USN-3430-2 introduced regression in Dnsmasq.

    Software Description: - dnsmasq: Small caching DNS proxy and DHCP/TFTP server

    Details:

    USN-3430-2 fixed several vulnerabilities. The update introduced a new regression that breaks DNS resolution. This update addresses the problem.

    We apologize for the inconvenience.

    Original advisory details:

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14491)

    Felix Wilhelm, Fermin J. (CVE-2017-14492)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 requests. (CVE-2017-14493)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this issue to cause Dnsmasq to consume memory, resulting in a denial of service. (CVE-2017-14495)

    Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14496)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 12.04 ESM: dnsmasq=C2=A02.59-4ubuntu0.4 dnsmasq-base2.59-4ubuntu0.4 dnsmasq-utils2.59-4ubuntu0.4

    After a standard system update you need to reboot your computer to make all the necessary changes. 7.3) - ppc64, ppc64le, s390x, x86_64


    1. Gentoo Linux Security Advisory GLSA 201710-27

                                           https://security.gentoo.org/
    

    Severity: Normal Title: Dnsmasq: Multiple vulnerabilities Date: October 23, 2017 Bugs: #632692 ID: 201710-27


    Synopsis

    Multiple vulnerabilities have been found in Dnsmasq, the worst of which may allow remote attackers to execute arbitrary code.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-dns/dnsmasq < 2.78 >= 2.78

    Description

    Multiple vulnerabilities have been discovered in Dnsmasq.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Dnsmasq users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.78"

    References

    [ 1 ] CVE-2017-14491 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491 [ 2 ] CVE-2017-14492 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492 [ 3 ] CVE-2017-14493 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493 [ 4 ] CVE-2017-14494 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494 [ 5 ] CVE-2017-14495 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495 [ 6 ] CVE-2017-14496 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    https://security.gentoo.org/glsa/201710-27

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0448",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "7.0"
          },
          {
            "model": "dnsmasq",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "thekelleys",
            "version": "2.77"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "7.1"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "thekelleys",
            "version": "2.77"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dnsmasq",
            "version": null
          },
          {
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "model": "dnsmasq",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "thekelleys",
            "version": "2.78"
          },
          {
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux workstation",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server year extended update support",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "redhat",
            "version": "-47.4"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "17.04"
          },
          {
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "16.04"
          },
          {
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "14.04"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.2.2"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.75"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.72"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.71"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.70"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.7"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.65"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.64"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.63"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.62"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.61"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.60"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.59"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.58"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.57"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.56"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.55"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.54"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.53"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.52"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.51"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.50"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.49"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.48"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.47"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.46"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.45"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.44"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.43"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.42"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.41"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.40"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.4"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.38"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.37"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.36"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.35"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.34"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.33"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.30"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.29"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.28"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.27"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.26"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.25"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.24"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.23"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.22"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.21"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.20"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.2"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.19"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.18"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.17"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.16"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.15"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.14"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.13"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.12"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.11"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.10"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.9"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.8"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.5"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.4"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.3"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.18"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.17"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.16"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.15"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.14"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.13"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.12"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.11"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.10"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "1.0"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.996"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.992"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.98"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.96"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.95"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.7"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.6"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.5"
          },
          {
            "model": "dnsmasq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "0.4"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.2"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.37"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "model": "enterprise linux workstation optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux workstation optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux server optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server optional aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.4"
          },
          {
            "model": "enterprise linux server optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server for arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux server eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.6"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.4"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.2"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server extended update suppor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux server year extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-47.2"
          },
          {
            "model": "enterprise linux server year extended upd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-47.3"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "enterprise linux long life server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5.9"
          },
          {
            "model": "enterprise linux hpc node optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux for power little endian extended update suppo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for power little endian extended update suppo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.3"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.2"
          },
          {
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux desktop optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux computenode optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux computenode optional eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux computenode optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux computenode eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "model": "enterprise linux computenode eus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.2"
          },
          {
            "model": "enterprise linux computenode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7.6"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6.10"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5.7"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5"
          },
          {
            "model": "kubernetes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.2"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.1.1"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.2"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.4.4"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fedoraproject",
            "version": "27"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-30",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "7"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "6"
          },
          {
            "model": "dnsmasq",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "thekelleys",
            "version": "2.78"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.8"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.7.7"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.6.11"
          },
          {
            "model": "kubernetes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "kubernetes",
            "version": "1.5.8"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008619"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-746"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14492"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:canonical:ubuntu",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:debian:debian_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:opensuse_project:leap",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:thekelleys:dnsmasq",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_workstation",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008619"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Gabriel Campana, Kevin Hamacher and Ron Bowes of the Google Security Team,Felix Wilhelm, Fermin J. Serna",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-746"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2017-14492",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2017-14492",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-14492",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-14492",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-14492",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201709-746",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-14492",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14492"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008619"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-746"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14492"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. \nAttackers can exploit these issues to execute arbitrary code within  the context of the affected application, bypass the ASLR, gain sensitive  information, or cause a denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: dnsmasq security update\nAdvisory ID:       RHSA-2017:2836-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:2836\nIssue date:        2017-10-02\nCVE Names:         CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 \n                   CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 \n=====================================================================\n\n1. Summary:\n\nAn update for dnsmasq is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name\nServer) forwarder and DHCP (Dynamic Host Configuration Protocol) server. \n\nSecurity Fix(es):\n\n* A heap buffer overflow was found in dnsmasq in the code responsible for\nbuilding DNS replies. This issue only affected\nconfigurations using one of these options: enable-ra, ra-only, slaac,\nra-names, ra-advrouter, or ra-stateless. (CVE-2017-14492)\n\n* A stack buffer overflow was found in dnsmasq in the DHCPv6 code. (CVE-2017-14493)\n\n* An information leak was found in dnsmasq in the DHCPv6 relay code. An\nattacker on the local network could send crafted DHCPv6 packets to dnsmasq\ncausing it to forward the contents of process memory, potentially leaking\nsensitive data. (CVE-2017-14494)\n\n* A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An\nattacker could send crafted DNS packets which would trigger memory\nallocations which would never be freed, leading to unbounded memory\nconsumption and eventually a crash. This issue only affected configurations\nusing one of the options: add-mac, add-cpe-id, or add-subnet. \n(CVE-2017-14495)\n\n* An integer underflow flaw leading to a buffer over-read was found in\ndnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to\ndnsmasq which would cause it to crash. This issue only affected\nconfigurations using one of the options: add-mac, add-cpe-id, or\nadd-subnet. (CVE-2017-14496)\n\nRed Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. \nSerna (Google Security Team), Gabriel Campana (Google Security Team), Kevin\nHamacher (Google Security Team), and Ron Bowes (Google Security Team) for\nreporting these issues. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies\n1495410 - CVE-2017-14492 dnsmasq: heap overflow in the IPv6 router advertisement code\n1495411 - CVE-2017-14493 dnsmasq: stack buffer overflow in the DHCPv6 code\n1495412 - CVE-2017-14494 dnsmasq: information leak in the DHCPv6 relay code\n1495415 - CVE-2017-14495 dnsmasq: memory exhaustion vulnerability in the EDNS0 code\n1495416 - CVE-2017-14496 dnsmasq: integer underflow leading to buffer over-read in the EDNS0 code\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\naarch64:\ndnsmasq-2.76-2.el7_4.2.aarch64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm\n\nppc64:\ndnsmasq-2.76-2.el7_4.2.ppc64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm\n\nppc64le:\ndnsmasq-2.76-2.el7_4.2.ppc64le.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm\n\ns390x:\ndnsmasq-2.76-2.el7_4.2.s390x.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\naarch64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.aarch64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.aarch64.rpm\n\nppc64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.ppc64.rpm\n\nppc64le:\ndnsmasq-debuginfo-2.76-2.el7_4.2.ppc64le.rpm\ndnsmasq-utils-2.76-2.el7_4.2.ppc64le.rpm\n\ns390x:\ndnsmasq-debuginfo-2.76-2.el7_4.2.s390x.rpm\ndnsmasq-utils-2.76-2.el7_4.2.s390x.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\ndnsmasq-2.76-2.el7_4.2.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.2.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-14491\nhttps://access.redhat.com/security/cve/CVE-2017-14492\nhttps://access.redhat.com/security/cve/CVE-2017-14493\nhttps://access.redhat.com/security/cve/CVE-2017-14494\nhttps://access.redhat.com/security/cve/CVE-2017-14495\nhttps://access.redhat.com/security/cve/CVE-2017-14496\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://access.redhat.com/security/vulnerabilities/3199382\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFZ0opYXlSAg2UNWIIRAr0dAJ9rIL1FgNTJUf2I9jjKFFlfkCd/kwCfV+bX\nSfoCV7+qG2nwqlHKLZOlhIU=\n=iWfU\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n===========================================================================\nUbuntu Security Notice USN-3430-3\nJanuary 04, 2018\n\ndnsmasq regression\n===========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 ESM\n\nSummary:\n\nUSN-3430-2 introduced regression in Dnsmasq. \n\nSoftware Description:\n- dnsmasq: Small caching DNS proxy and DHCP/TFTP server\n\nDetails:\n\nUSN-3430-2 fixed several vulnerabilities. The update introduced a new\nregression that breaks DNS resolution. This update addresses the\nproblem. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. \n(CVE-2017-14491)\n\nFelix Wilhelm, Fermin J. (CVE-2017-14492)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DHCPv6 requests. \n(CVE-2017-14493)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. A remote\nattacker could use this issue to cause Dnsmasq to consume memory,\nresulting in a denial of service. (CVE-2017-14495)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14496)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 ESM:\n dnsmasq=C2=A02.59-4ubuntu0.4\n dnsmasq-base2.59-4ubuntu0.4\n dnsmasq-utils2.59-4ubuntu0.4\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. 7.3) - ppc64, ppc64le, s390x, x86_64\n\n3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201710-27\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Dnsmasq: Multiple vulnerabilities\n     Date: October 23, 2017\n     Bugs: #632692\n       ID: 201710-27\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Dnsmasq, the worst of which\nmay allow remote attackers to execute arbitrary code. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-dns/dnsmasq               \u003c 2.78                     \u003e= 2.78 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Dnsmasq. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Dnsmasq users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-dns/dnsmasq-2.78\"\n\nReferences\n==========\n\n[ 1 ] CVE-2017-14491\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491\n[ 2 ] CVE-2017-14492\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492\n[ 3 ] CVE-2017-14493\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493\n[ 4 ] CVE-2017-14494\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494\n[ 5 ] CVE-2017-14495\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495\n[ 6 ] CVE-2017-14496\n      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201710-27\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2017 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-14492"
          },
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008619"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14492"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          }
        ],
        "trust": 3.24
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=42942",
            "trust": 0.1,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14492"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-14492",
            "trust": 3.4
          },
          {
            "db": "CERT/CC",
            "id": "VU#973527",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "101085",
            "trust": 2.0
          },
          {
            "db": "SECTRACK",
            "id": "1039474",
            "trust": 1.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "42942",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-332-01",
            "trust": 0.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008619",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-746",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14492",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144490",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144484",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "145652",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144477",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144469",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144706",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14492"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008619"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-746"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14492"
          }
        ]
      },
      "id": "VAR-201710-0448",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.25396827
      },
      "last_update_date": "2025-04-20T19:55:52.285000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "DSA-3989",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3989"
          },
          {
            "title": "Security Bulletin: NVIDIA Tegra Jetson L4T contains multiple vulnerabilities; updates for \u201cBlueBorne\u201d and \u201cDnsmasq\u201d.",
            "trust": 0.8,
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
          },
          {
            "title": "openSUSE-SU-2017:2633",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"
          },
          {
            "title": "RHSA-2017:2837",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/RHSA-2017:2837"
          },
          {
            "title": "dnsmasq: Multiple Critical and Important vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/3199382"
          },
          {
            "title": "CHANGELOG",
            "trust": 0.8,
            "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG"
          },
          {
            "title": "Security fix, CVE-2017-14492, DHCPv6 RA heap overflow.",
            "trust": 0.8,
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=24036ea507862c7b7898b68289c8130f85599c10"
          },
          {
            "title": "USN-3430-2",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3430-2/"
          },
          {
            "title": "USN-3430-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3430-1/"
          },
          {
            "title": "Dnsmasq Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92842"
          },
          {
            "title": "Red Hat: Critical: dnsmasq security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172837 - Security Advisory"
          },
          {
            "title": "Red Hat: Critical: dnsmasq security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172836 - Security Advisory"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-14492"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-2"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq regression",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-3"
          },
          {
            "title": "Ubuntu Security Notice: dnsmasq vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3989-1 dnsmasq -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=5c18698ecfe74c7de381531f8ed44dcf"
          },
          {
            "title": "Amazon Linux 2: ALAS2-2019-1251",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2019-1251"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2017-907",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2017-907"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-1] dnsmasq: multiple issues",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-1"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6283337cd31f81f24d445925f2138c0e"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/lnick2023/nicenice "
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
          },
          {
            "title": "Awesome CVE PoC",
            "trust": 0.1,
            "url": "https://github.com/qazbnm456/awesome-cve-poc "
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/google-warns-of-dos-and-rce-bugs-in-dnsmasq/128238/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-14492"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008619"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-746"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008619"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14492"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.8,
            "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
          },
          {
            "trust": 2.3,
            "url": "http://www.securityfocus.com/bid/101085"
          },
          {
            "trust": 2.2,
            "url": "https://access.redhat.com/errata/rhsa-2017:2837"
          },
          {
            "trust": 2.1,
            "url": "https://www.kb.cert.org/vuls/id/973527"
          },
          {
            "trust": 2.1,
            "url": "https://access.redhat.com/errata/rhsa-2017:2836"
          },
          {
            "trust": 2.0,
            "url": "http://www.debian.org/security/2017/dsa-3989"
          },
          {
            "trust": 1.7,
            "url": "http://www.thekelleys.org.uk/dnsmasq/doc.html"
          },
          {
            "trust": 1.4,
            "url": "http://www.ubuntu.com/usn/usn-3430-1"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14492"
          },
          {
            "trust": 1.3,
            "url": "https://access.redhat.com/security/vulnerabilities/3199382"
          },
          {
            "trust": 1.2,
            "url": "https://www.exploit-db.com/exploits/42942/"
          },
          {
            "trust": 1.2,
            "url": "http://www.ubuntu.com/usn/usn-3430-2"
          },
          {
            "trust": 1.2,
            "url": "https://security.gentoo.org/glsa/201710-27"
          },
          {
            "trust": 1.1,
            "url": "http://thekelleys.org.uk/dnsmasq/changelog"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"
          },
          {
            "trust": 1.1,
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
          },
          {
            "trust": 1.1,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-005.txt"
          },
          {
            "trust": 1.1,
            "url": "https://www.synology.com/support/security/synology_sa_17_59_dnsmasq"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1039474"
          },
          {
            "trust": 1.1,
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3ba=commit%3bh=24036ea507862c7b7898b68289c8130f85599c10"
          },
          {
            "trust": 1.1,
            "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"
          },
          {
            "trust": 1.1,
            "url": "https://access.redhat.com/security/cve/cve-2017-14491"
          },
          {
            "trust": 1.1,
            "url": "https://access.redhat.com/security/cve/cve-2017-14492"
          },
          {
            "trust": 1.1,
            "url": "https://access.redhat.com/security/cve/cve-2017-14493"
          },
          {
            "trust": 1.1,
            "url": "https://access.redhat.com/security/cve/cve-2017-14494"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14495"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2017-14496"
          },
          {
            "trust": 0.9,
            "url": "http://www.thekelleys.org.uk/dnsmasq/changelog"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14491.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14492.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14493.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14494.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14495.py"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/kubernetes/kubernetes/blob/master/changelog.md"
          },
          {
            "trust": 0.9,
            "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2017\u0026m=slackware-security.601472"
          },
          {
            "trust": 0.9,
            "url": "https://source.android.com/security/bulletin/2017-10-01"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495410"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495411"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495412"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495415"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495416"
          },
          {
            "trust": 0.9,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495510"
          },
          {
            "trust": 0.9,
            "url": "https://access.redhat.com/security/cve/cve-2017-13704"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14496.py"
          },
          {
            "trust": 0.9,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-332-01"
          },
          {
            "trust": 0.8,
            "url": "https://www.ruckuswireless.com/security"
          },
          {
            "trust": 0.8,
            "url": "https://www.zyxel.com/support/announcement_dnsmasq_vulnerabilities.shtml"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14492"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14491"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14494"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14493"
          },
          {
            "trust": 0.6,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409bug1495409"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14496"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14495"
          },
          {
            "trust": 0.3,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409 bug 1495409"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.2,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://tools.cisco.com/security/center/viewalert.x?alertid=55495"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/3430-2/"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/bugs/1741262"
          },
          {
            "trust": 0.1,
            "url": "https://www.ubuntu.com/usn/usn-3430-3"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.76-5ubuntu0.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.75-1ubuntu0.16.04.3"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.68-1ubuntu0.2"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14495"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14493"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14492"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14491"
          },
          {
            "trust": 0.1,
            "url": "https://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14496"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14494"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14492"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008619"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-746"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14492"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-14492"
          },
          {
            "db": "BID",
            "id": "101085"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008619"
          },
          {
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-746"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14492"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "date": "2017-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14492"
          },
          {
            "date": "2017-10-02T00:00:00",
            "db": "BID",
            "id": "101085"
          },
          {
            "date": "2017-10-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008619"
          },
          {
            "date": "2017-10-03T20:21:00",
            "db": "PACKETSTORM",
            "id": "144490"
          },
          {
            "date": "2017-10-03T05:19:24",
            "db": "PACKETSTORM",
            "id": "144484"
          },
          {
            "date": "2018-01-04T17:50:40",
            "db": "PACKETSTORM",
            "id": "145652"
          },
          {
            "date": "2017-10-02T11:11:00",
            "db": "PACKETSTORM",
            "id": "144477"
          },
          {
            "date": "2017-10-02T13:13:00",
            "db": "PACKETSTORM",
            "id": "144469"
          },
          {
            "date": "2017-10-23T13:54:05",
            "db": "PACKETSTORM",
            "id": "144706"
          },
          {
            "date": "2017-09-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-746"
          },
          {
            "date": "2017-10-03T01:29:02.027000",
            "db": "NVD",
            "id": "CVE-2017-14492"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-02-02T00:00:00",
            "db": "CERT/CC",
            "id": "VU#973527"
          },
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-14492"
          },
          {
            "date": "2017-10-02T00:00:00",
            "db": "BID",
            "id": "101085"
          },
          {
            "date": "2017-10-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008619"
          },
          {
            "date": "2019-05-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-746"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-14492"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-746"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "dnsmasq Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008619"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-746"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-746"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201708-0816

    Vulnerability from variot - Updated: 2025-04-20 19:43

    Persistent XSS through the SSID of nearby Wi-Fi devices on Technicolor TC7337 routers 08.89.17.20.00 allows an attacker to cause DNS Poisoning and steal credentials from the router. Technicolor TC7337 The router contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. TechnicolorTC7337routers is a wireless router from Technicolor, France

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201708-0816",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tc7337",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "technicolor",
            "version": "08.89.17.20.00"
          },
          {
            "model": "tc7337 no",
            "scope": null,
            "trust": 0.6,
            "vendor": "technicolor",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-20272"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006796"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-642"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11320"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:technicolor:tc7337_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006796"
          }
        ]
      },
      "cve": "CVE-2017-11320",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-11320",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2017-20272",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "VHN-101731",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-11320",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.8,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-11320",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-11320",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-20272",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201707-642",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-101731",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-20272"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101731"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006796"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-642"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11320"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Persistent XSS through the SSID of nearby Wi-Fi devices on Technicolor TC7337 routers 08.89.17.20.00 allows an attacker to cause DNS Poisoning and steal credentials from the router. Technicolor TC7337 The router contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. TechnicolorTC7337routers is a wireless router from Technicolor, France",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-11320"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006796"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-20272"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101731"
          }
        ],
        "trust": 2.25
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-101731",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-101731"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-11320",
            "trust": 3.2
          },
          {
            "db": "EXPLOIT-DB",
            "id": "42427",
            "trust": 1.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006796",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-642",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-20272",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "143637",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-101731",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-20272"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101731"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006796"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-642"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11320"
          }
        ]
      },
      "id": "VAR-201708-0816",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-20272"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101731"
          }
        ],
        "trust": 1.8
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "network device"
            ],
            "sub_category": "router",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-20272"
          }
        ]
      },
      "last_update_date": "2025-04-20T19:43:00.402000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.technicolor.com/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006796"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-101731"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006796"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11320"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://seclists.org/fulldisclosure/2017/aug/3"
          },
          {
            "trust": 1.1,
            "url": "https://www.exploit-db.com/exploits/42427/"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-11320"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-11320"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-20272"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101731"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006796"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-642"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11320"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-20272"
          },
          {
            "db": "VULHUB",
            "id": "VHN-101731"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006796"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-642"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-11320"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-08-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-20272"
          },
          {
            "date": "2017-08-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-101731"
          },
          {
            "date": "2017-09-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-006796"
          },
          {
            "date": "2017-07-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201707-642"
          },
          {
            "date": "2017-08-03T08:29:00.227000",
            "db": "NVD",
            "id": "CVE-2017-11320"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-08-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-20272"
          },
          {
            "date": "2017-08-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-101731"
          },
          {
            "date": "2017-09-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-006796"
          },
          {
            "date": "2017-08-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201707-642"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-11320"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-642"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Technicolor TC7337 Router cross-site scripting vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-006796"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-642"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201707-642"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-0975

    Vulnerability from variot - Updated: 2025-04-20 19:33

    Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WIG2 wireless network sleep mode has an IGTK key complete reload vulnerability. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: wpa_supplicant security update Advisory ID: RHSA-2017:2907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2907 Issue date: 2017-10-17 CVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 =====================================================================

    1. Summary:

    An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64

    1. Description:

    The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Package List:

    Red Hat Enterprise Linux Client (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    aarch64: wpa_supplicant-2.6-5.el7_4.1.aarch64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm

    ppc64: wpa_supplicant-2.6-5.el7_4.1.ppc64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm

    ppc64le: wpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm

    s390x: wpa_supplicant-2.6-5.el7_4.1.s390x.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm

    x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2017-13077 https://access.redhat.com/security/cve/CVE-2017-13078 https://access.redhat.com/security/cve/CVE-2017-13080 https://access.redhat.com/security/cve/CVE-2017-13082 https://access.redhat.com/security/cve/CVE-2017-13086 https://access.redhat.com/security/cve/CVE-2017-13087 https://access.redhat.com/security/cve/CVE-2017-13088 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kracks

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).

    An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.

    For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.

    For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.

    For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.

    We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017

    wpa vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 17.04
    • Ubuntu 16.04 LTS
    • Ubuntu 14.04 LTS

    Summary:

    Several security issues were fixed in wpa_supplicant.

    Software Description: - wpa: client support for WPA and WPA2

    Details:

    Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)

    Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1

    Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2

    Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5

    After a standard system update you need to reboot your computer to make all the necessary changes.

    Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+

    Where to find the new packages: +-----------------------------+

    Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

    Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

    Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz

    Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz

    Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz

    Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz

    Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz

    MD5 signatures: +-------------+

    Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz

    Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz

    Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz

    Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz

    Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz

    Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz

    Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz

    Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz

    Installation instructions: +------------------------+

    Upgrade the package as root:

    upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz

    +-----+

    Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

    +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    ============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project

    Topic: WPA2 protocol vulnerability

    Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

    1. Revision history

    v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.

    I.

    hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.

    II. Problem Description

    A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.

    III. Impact

    Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.

    IV. Workaround

    An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"

    and restart networking.

    An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:

    hostapd_program="/usr/local/sbin/hostapd"

    and restart hostapd.

    V. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    2) To update your vulnerable system via a binary patch:

    Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:

    freebsd-update fetch

    freebsd-update install

    Restart the Wi-Fi network interfaces/hostapd or reboot the system.

    3) To update your vulnerable system via a source code patch:

    The following patches have been verified to apply to the applicable FreeBSD release branches.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    [FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc

    gpg --verify wpa-11.patch.asc

    [FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch

    fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc

    gpg --verify wpa-10.patch.asc

    b) Apply the patch. Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    c) Recompile the operating system using buildworld and installworld as described in .

    Restart the applicable daemons, or reboot the system.

    VI. Correction details

    The following list contains the correction revision numbers for each affected branch.

    Branch/path Revision


    stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741


    To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:

    svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

    Or visit the following URL, replacing NNNNNN with the revision number:

    VII. References

    The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0975",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "linux enterprise point of sale",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "openstack cloud",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "6"
          },
          {
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.9"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.7"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.10"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.7.3"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "1.0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.6"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.8"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.2"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "17.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.2.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.3.10"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.10"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.9"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.1"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.5"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.7"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.3"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.5.11"
          },
          {
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.2"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.6.8"
          },
          {
            "model": "freebsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "model": "hostapd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "0.4.8"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "w1 fi",
            "version": "2.0"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.3"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "9front",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "adtran",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "actiontec",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aerohive",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "alcatel lucent",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "android open source",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "arch linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "aruba",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "asustek computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "barracuda",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "broadcom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cambium",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "centos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cradlepoint",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cypress semiconductor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dell",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "digi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "draytek",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "edimax computer",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "endian",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "espressif",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "extreme",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "f secure",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fedora",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hostap",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ipfire",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lancom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lede",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lifx",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lenovo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microchip",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mojo",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nest",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opnsense",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "omnirom",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "open mesh",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "peplink",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "riverbed",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rockwell automation",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ruckus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "suse linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "samsung mobile",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sierra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sonos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sony",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sophos",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "synology",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "tp link",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "texas instruments",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba commerce",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba electronic devices storage",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "toshiba memory",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "turris omnia",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubiquiti",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "volumio",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "watchguard",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xiaomi",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xirrus",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zebra",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dd wrt",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "eero",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pfsense",
            "version": null
          },
          {
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "model": "gnu/linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "debian",
            "version": null
          },
          {
            "model": "freebsd",
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "model": "leap",
            "scope": null,
            "trust": 0.8,
            "vendor": "opensuse",
            "version": null
          },
          {
            "model": "linux enterprise desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise point of sale",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "linux enterprise server",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "openstack cloud",
            "scope": null,
            "trust": 0.8,
            "vendor": "suse",
            "version": null
          },
          {
            "model": "hostapd",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "wpa supplicant",
            "scope": null,
            "trust": 0.8,
            "vendor": "w1 fi",
            "version": null
          },
          {
            "model": "enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "enterprise linux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "model": "edge gateway",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "model": "sr-m20ac1",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "sr-m20ac2",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": "v02.10"
          },
          {
            "model": "alliance wi-fi protected access 2",
            "scope": null,
            "trust": 0.6,
            "vendor": "wi fi",
            "version": null
          },
          {
            "model": "scalance w-700",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux desktop",
            "version": "12"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "linux server",
            "version": "11"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.1"
          },
          {
            "model": "pyxis supplystation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "sinamics smart access module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "v200"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.27.3264"
          },
          {
            "model": "meraki mr34",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ck71a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2.0"
          },
          {
            "model": "macbook air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18500"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.0"
          },
          {
            "model": "meraki mr26",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "28000"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr84",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "510x0"
          },
          {
            "model": "windows server r2 for itanium-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "contact itc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "81130"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.0.0"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr18",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.3"
          },
          {
            "model": "scalance w1750d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "secure ii med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "210x0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "aironet access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "wap371 wireless-ac n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "contact rad-80211-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "contact fl wlan dap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.25"
          },
          {
            "model": "pyxis medstation es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "wireless ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88210"
          },
          {
            "model": "pyxis stockstation system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "macbook",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10.9.2"
          },
          {
            "model": "scalance wlc712",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "contact fl wlan spa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "meraki mr62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic et200 pro im154-6 pn iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "tropos broadband mesh routers and bridges",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "abb",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.2"
          },
          {
            "model": "meraki mr33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "micros handheld terminal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.2"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "atom processor c3200 series for yocto project bsp mr4.1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": null
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.6"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.0"
          },
          {
            "model": "contact fl wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "110x0"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3002"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.4"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": "contact fl comserver wlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "232/422/4850"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.8"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7."
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1.91.3272"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.9"
          },
          {
            "model": "contact fl wlan ap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "230802-110"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.1"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "meraki mr14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.5"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18150"
          },
          {
            "model": "wireless client bridge 2.0.0.1-aruba501-b00",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.2"
          },
          {
            "model": "airport express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "clarity engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0"
          },
          {
            "model": "meraki mr30h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "windows server r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20120"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "contact bl2 bpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "enterprise linux for ibm z systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "watch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "4.0"
          },
          {
            "model": "ruggedcom rx1400",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "cn70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1015110"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "pyxis parx handheld",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.10"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.40.100"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1.1"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3"
          },
          {
            "model": "windows rt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.1"
          },
          {
            "model": "meraki mr42",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.6"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.3"
          },
          {
            "model": "wap561 wireless-n dual radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.26.3000"
          },
          {
            "model": "instantos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6"
          },
          {
            "model": "tvos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.0"
          },
          {
            "model": "windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2016"
          },
          {
            "model": "contact rad-whg/wlan-xd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.33.9.3"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.4.0"
          },
          {
            "model": "suremark printer 2nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.1"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.2"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "enterprise linux for power little endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.0.0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.8"
          },
          {
            "model": "windows server for x64-based systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "pyxis supply roller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.3"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3"
          },
          {
            "model": "telepresence collaboration endpoint",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2.61.3535"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "70xx0"
          },
          {
            "model": "imac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "meraki mr72",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "model": "enterprise linux for power little endian extended update supp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.25.3001"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "8.1.0.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1"
          },
          {
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "6.2"
          },
          {
            "model": "meraki mr53",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "wap551 wireless-n single radio selectable band access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.0.0"
          },
          {
            "model": "wap121 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "2.5"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.6.0.1000"
          },
          {
            "model": "wireless client bridge 1.0.1.3-hp501-b0012",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "501"
          },
          {
            "model": "i.roc ci70-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.0.0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.1"
          },
          {
            "model": "cn70e-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726018.0.0.0"
          },
          {
            "model": "meraki mr24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "suremark printer 1nr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "50xx0"
          },
          {
            "model": "meraki mr74",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ex-handy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "090"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.15"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.20"
          },
          {
            "model": "anyconnect secure mobility client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "726519.51.7.1"
          },
          {
            "model": "systems esp32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "watchos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "model": "enterprise linux server extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "micros handheld terminal 2.03.0.0.021r",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "38000"
          },
          {
            "model": "pyxis parx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "dx70",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1.9"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2141"
          },
          {
            "model": "pyxis anesthesia es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "aironet series officeextend access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18100"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10.9.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.55.3000"
          },
          {
            "model": "windows for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "8.10"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0"
          },
          {
            "model": "meraki mr66",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6"
          },
          {
            "model": "intouch critical care bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "2131"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.1.2"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "18300"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.6"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "10.0.0.50.1004"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.1.0"
          },
          {
            "model": "wap321 wireless-n access point with single point setup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "simatic iwlan-pb/link",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "aironet 1810w series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "meraki mr52",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.5"
          },
          {
            "model": "meraki mr12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "airmesh msr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.7.20"
          },
          {
            "model": "watchos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "model": "contact fl wlan ec",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "24802-110"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.2.4.8"
          },
          {
            "model": "systems esp8266",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "espressif",
            "version": "0"
          },
          {
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "pad-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.0.0.1205"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88610"
          },
          {
            "model": "clarity engine",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "1.0.0.1"
          },
          {
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15600"
          },
          {
            "model": "windows for 32-bit systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3.1.5"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.2"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.8"
          },
          {
            "model": "windows for x64-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "model": "enterprise linux for ibm z systems extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "meraki mr58",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for 32-bit systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.10.9.2"
          },
          {
            "model": "pyxis parassist system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "0"
          },
          {
            "model": "windows server for 32-bit systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "4.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0"
          },
          {
            "model": "simatic mobile panel 277 iwlan",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "pyxis medstation t2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826020.0.2.3"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.1"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316519.51.0.0"
          },
          {
            "model": "wi-fi update for boot camp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "enterprise linux server update services for sap solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "contact vmt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "30xx0"
          },
          {
            "model": "enterprise linux for power big endian",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "wpa supplicant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "w1 f1",
            "version": "2.6"
          },
          {
            "model": "wireless client bridge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "5010"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.0.1"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "11.5"
          },
          {
            "model": "meraki mr11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.3"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "40000"
          },
          {
            "model": "tvos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.2"
          },
          {
            "model": "pyxis anesthesia system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "35000"
          },
          {
            "model": "automation stratix 15.3 jc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rockwell",
            "version": "5100"
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "pyxis ciisafe workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bd",
            "version": "??0"
          },
          {
            "model": "enterprise linux for power big endian extended update support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "-7.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.7"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.0.0"
          },
          {
            "model": "ipad air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "7.0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "model": "enterprise linux for scientific computing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "8.1.71.3608"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.1.41.3024"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.2.1"
          },
          {
            "model": "enterprise linux eus compute node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "model": "dx80",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.0"
          },
          {
            "model": "contact bl2 ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "contact tpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "60130"
          },
          {
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.1"
          },
          {
            "model": "ck70a-atex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "0"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.3.1"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.51.7.20"
          },
          {
            "model": "macbook pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316819.10"
          },
          {
            "model": "windows for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "100"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.8"
          },
          {
            "model": "active management technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "9.5"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.4"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "826520.0.2.2"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.33.9.3"
          },
          {
            "model": "tab-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "010"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.3.3"
          },
          {
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "macmini",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.4.4.16"
          },
          {
            "model": "contact fl wlan epa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "phoenix",
            "version": "0"
          },
          {
            "model": "airport time capsule",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "model": "alliance wpa2 (wi-fi protected access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wi fi",
            "version": "2)0"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.9"
          },
          {
            "model": "scalance wlc711",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "ruggedcom rs9xxw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "siemens",
            "version": "0"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.3.1.15"
          },
          {
            "model": "networks unifi access point",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubiquiti",
            "version": "0"
          },
          {
            "model": "suremark printer 2cr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "toshiba",
            "version": "4610"
          },
          {
            "model": "ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88650"
          },
          {
            "model": "arubaos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "airport base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.7.7"
          },
          {
            "model": "instantos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arubanetworks",
            "version": "6.5.4"
          },
          {
            "model": "asa 5506w-x w/ firepower services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1016070"
          },
          {
            "model": "airport base station",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.6.9"
          },
          {
            "model": "s3 med-surg bed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "stryker",
            "version": "3005"
          },
          {
            "model": "dual band wireless-ac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intel",
            "version": "316018.0.0.0"
          },
          {
            "model": "smart-ex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pepperl fuchs",
            "version": "2010"
          },
          {
            "model": "windows version for x64-based systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "1017030"
          },
          {
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "11.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "14.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "16.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "ubuntu linux",
            "version": "17.04"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "8.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "debian linux",
            "version": "9.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "10.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "freebsd",
            "version": "11.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "leap",
            "version": "42.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux desktop",
            "version": "7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.3.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.4.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.5.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.6.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "0.7.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "1.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "hostapd",
            "version": "2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.2.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.3.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.4.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.7"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.5.11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.9"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.6.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "0.7.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "1.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.4"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wpa supplicant",
            "version": "2.6"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux point of sale",
            "version": "11"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "linux server",
            "version": "12"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "openstack cloud",
            "version": "6"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b8631bf1-6bd8-4549-b275-107397f54fc7"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30397"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009179"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-389"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13088"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:canonical:ubuntu",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:debian:debian_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:freebsd:freebsd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:opensuse_project:leap",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:suse_linux_enterprise_point_of_sale",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:suse:linux_enterprise_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:suse:openstack_cloud",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:hostapd",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:w1.fi:wpa_supplicant",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:nec:nec_edge_gateway",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac1",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:sr-m20ac2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009179"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
        "sources": [
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-389"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2017-13088",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "id": "CVE-2017-13088",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.9,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CNVD-2017-30397",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "b8631bf1-6bd8-4549-b275-107397f54fc7",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.6,
                "id": "CVE-2017-13088",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-13088",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-13088",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-30397",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201710-389",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "b8631bf1-6bd8-4549-b275-107397f54fc7",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-13088",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b8631bf1-6bd8-4549-b275-107397f54fc7"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30397"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13088"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009179"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-389"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13088"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WIG2 wireless network sleep mode has an IGTK key complete reload vulnerability. WPA2  is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: wpa_supplicant security update\nAdvisory ID:       RHSA-2017:2907-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:2907\nIssue date:        2017-10-17\nCVE Names:         CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 \n                   CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 \n                   CVE-2017-13088 \n=====================================================================\n\n1. Summary:\n\nAn update for wpa_supplicant is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe wpa_supplicant packages contain an 802.1X Supplicant with support for\nWEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication\nmethods. They implement key negotiation with a WPA Authenticator for client\nstations and controls the roaming and IEEE 802.11 authentication and\nassociation of the WLAN driver. A remote attacker within Wi-Fi range\ncould exploit these attacks to decrypt Wi-Fi traffic or possibly inject\nforged Wi-Fi packets by manipulating cryptographic handshakes used by the\nWPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream\nacknowledges Mathy Vanhoef (University of Leuven) as the original reporter\nof these issues. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\naarch64:\nwpa_supplicant-2.6-5.el7_4.1.aarch64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm\n\nppc64:\nwpa_supplicant-2.6-5.el7_4.1.ppc64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm\n\nppc64le:\nwpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm\n\ns390x:\nwpa_supplicant-2.6-5.el7_4.1.s390x.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-13077\nhttps://access.redhat.com/security/cve/CVE-2017-13078\nhttps://access.redhat.com/security/cve/CVE-2017-13080\nhttps://access.redhat.com/security/cve/CVE-2017-13082\nhttps://access.redhat.com/security/cve/CVE-2017-13086\nhttps://access.redhat.com/security/cve/CVE-2017-13087\nhttps://access.redhat.com/security/cve/CVE-2017-13088\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kracks\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n  hostapd                         2.4-0ubuntu9.1\n  wpasupplicant                   2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n  hostapd                         2.4-0ubuntu6.2\n  wpasupplicant                   2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n  hostapd                         2.1-0ubuntu1.5\n  wpasupplicant                   2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz:  Upgraded. \n  This update includes patches to mitigate the WPA2 protocol issues known\n  as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n  hijack TCP connections, and to forge and inject packets. \n  CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n    Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n    while processing it. \n  For more information, see:\n    https://www.krackattacks.com/\n    https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019  wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825  wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0  wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352  wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185  wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4  wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe  n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160  n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa                                        Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          WPA2 protocol vulnerability\n\nCategory:       contrib\nModule:         wpa\nAnnounced:      2017-10-16\nCredits:        Mathy Vanhoef\nAffects:        All supported versions of FreeBSD. \nCorrected:      2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n                2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n                2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n                2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n                2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n                2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name:       CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n                CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n                CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0.   Revision history\n\nv1.0  2017-10-17 Initial release. \nv1.1  2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII.  Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV.  Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch.  Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI.  Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path                                                      Revision\n- -------------------------------------------------------------------------\nstable/11/                                                        r324697\nreleng/11.0/                                                      r324698\nreleng/11.1/                                                      r324699\nstable/10/                                                        r324739\nreleng/10.3/                                                      r324740\nreleng/10.4/                                                      r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13088"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009179"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30397"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "IVD",
            "id": "b8631bf1-6bd8-4549-b275-107397f54fc7"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13088"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          }
        ],
        "trust": 3.87
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#228519",
            "trust": 4.2
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13088",
            "trust": 4.1
          },
          {
            "db": "BID",
            "id": "101274",
            "trust": 2.6
          },
          {
            "db": "LENOVO",
            "id": "LEN-17420",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1039577",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039576",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039581",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039578",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1039573",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-901333",
            "trust": 1.7
          },
          {
            "db": "CERT@VDE",
            "id": "VDE-2017-005",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-18-114-01",
            "trust": 1.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-19-029-01",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-353-02",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-01",
            "trust": 1.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30397",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-389",
            "trust": 0.8
          },
          {
            "db": "JUNIPER",
            "id": "JSA10827",
            "trust": 0.8
          },
          {
            "db": "DLINK",
            "id": "SAP10075",
            "trust": 0.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02A",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU90609033",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009179",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.4125",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-299-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-318-02",
            "trust": 0.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-325-01",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "B8631BF1-6BD8-4549-B275-107397F54FC7",
            "trust": 0.2
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13088",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144652",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144630",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144632",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144663",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "144669",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b8631bf1-6bd8-4549-b275-107397f54fc7"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30397"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13088"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009179"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-389"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13088"
          }
        ]
      },
      "id": "VAR-201710-0975",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "b8631bf1-6bd8-4549-b275-107397f54fc7"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30397"
          }
        ],
        "trust": 1.4003193450000002
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b8631bf1-6bd8-4549-b275-107397f54fc7"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30397"
          }
        ]
      },
      "last_update_date": "2025-04-20T19:33:45.856000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "ARUBA-PSA-2017-007",
            "trust": 0.8,
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "title": "DSA-3999",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2017/dsa-3999"
          },
          {
            "title": "FreeBSD-SA-17:07.wpa",
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "title": "LEN-17420",
            "trust": 0.8,
            "url": "https://support.lenovo.com/jp/en/product_security/len-17420"
          },
          {
            "title": "NV17-024",
            "trust": 0.8,
            "url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
          },
          {
            "title": "SUSE-SU-2017:2745",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "title": "SUSE-SU-2017:2752",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "title": "openSUSE-SU-2017:2755",
            "trust": 0.8,
            "url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
            "trust": 0.8,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "title": "RHSA-2017:2907",
            "trust": 0.8,
            "url": "https://access.redhat.com/errata/RHSA-2017:2907"
          },
          {
            "title": "USN-3455-1",
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/USN-3455-1/"
          },
          {
            "title": "WPA packet number reuse with replayed messages and key reinstallation",
            "trust": 0.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066  ",
            "trust": 0.8,
            "url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
          },
          {
            "title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.iodata.jp/support/information/2017/wpa2/"
          },
          {
            "title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b ",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/info/20171110/"
          },
          {
            "title": "Patch for WPA2 Wireless Network Sleep Mode IGTK Key Reload Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/103827"
          },
          {
            "title": "Multiple WiFi product WPA2 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75503"
          },
          {
            "title": "Red Hat: Important: wpa_supplicant security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172907 - Security Advisory"
          },
          {
            "title": "Red Hat: CVE-2017-13088",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2017-13088"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-13088"
          },
          {
            "title": "Ubuntu Security Notice: wpa vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3455-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-23"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-22"
          },
          {
            "title": "Siemens Security Advisories: Siemens Security Advisory",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - July 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=5f8c525f1408011628af1792207b2099"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
          },
          {
            "title": "KRACK",
            "trust": 0.1,
            "url": "https://github.com/chinatso/KRACK "
          },
          {
            "title": "krackinfo",
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo "
          },
          {
            "title": "nixos-issue-db-example",
            "trust": 0.1,
            "url": "https://github.com/andir/nixos-issue-db-example "
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-30397"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13088"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009179"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-389"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-323",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-330",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-254",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009179"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13088"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.7,
            "url": "https://www.krackattacks.com/"
          },
          {
            "trust": 3.3,
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "trust": 2.9,
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "trust": 2.8,
            "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
          },
          {
            "trust": 2.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
          },
          {
            "trust": 2.6,
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "trust": 2.5,
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "trust": 2.2,
            "url": "https://access.redhat.com/errata/rhsa-2017:2907"
          },
          {
            "trust": 2.1,
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "trust": 1.8,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-3455-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "trust": 1.7,
            "url": "https://support.lenovo.com/us/en/product_security/len-17420"
          },
          {
            "trust": 1.7,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "trust": 1.7,
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "trust": 1.7,
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
          },
          {
            "trust": 1.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
          },
          {
            "trust": 1.2,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
          },
          {
            "trust": 1.1,
            "url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
          },
          {
            "trust": 1.1,
            "url": "https://w1.fi/security/2017-1/"
          },
          {
            "trust": 1.1,
            "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
          },
          {
            "trust": 1.1,
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
          },
          {
            "trust": 0.8,
            "url": "https://cwe.mitre.org/data/definitions/323.html"
          },
          {
            "trust": 0.8,
            "url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
          },
          {
            "trust": 0.8,
            "url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.al-enterprise.com/en/support/security-alert-krack"
          },
          {
            "trust": 0.8,
            "url": "https://support.apple.com/en-gb/ht208222"
          },
          {
            "trust": 0.8,
            "url": "https://security.archlinux.org/avg-447"
          },
          {
            "trust": 0.8,
            "url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
          },
          {
            "trust": 0.8,
            "url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
          },
          {
            "trust": 0.8,
            "url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
          },
          {
            "trust": 0.8,
            "url": "https://community.cypress.com/docs/doc-13871"
          },
          {
            "trust": 0.8,
            "url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
          },
          {
            "trust": 0.8,
            "url": "http://www.dell.com/support/article/sln307822"
          },
          {
            "trust": 0.8,
            "url": "https://github.com/espressif/esp8266_nonos_sdk"
          },
          {
            "trust": 0.8,
            "url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
          },
          {
            "trust": 0.8,
            "url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
          },
          {
            "trust": 0.8,
            "url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
          },
          {
            "trust": 0.8,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
          },
          {
            "trust": 0.8,
            "url": "https://bugs.gentoo.org/634440"
          },
          {
            "trust": 0.8,
            "url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
          },
          {
            "trust": 0.8,
            "url": "https://kb.juniper.net/jsa10827"
          },
          {
            "trust": 0.8,
            "url": "https://support.lenovo.com/ca/en/product_security/len-17420"
          },
          {
            "trust": 0.8,
            "url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
          },
          {
            "trust": 0.8,
            "url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
          },
          {
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
          },
          {
            "trust": 0.8,
            "url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
          },
          {
            "trust": 0.8,
            "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
          },
          {
            "trust": 0.8,
            "url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
          },
          {
            "trust": 0.8,
            "url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
          },
          {
            "trust": 0.8,
            "url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
          },
          {
            "trust": 0.8,
            "url": "https://community.sophos.com/kb/en-us/127658"
          },
          {
            "trust": 0.8,
            "url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
          },
          {
            "trust": 0.8,
            "url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
          },
          {
            "trust": 0.8,
            "url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
          },
          {
            "trust": 0.8,
            "url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
          },
          {
            "trust": 0.8,
            "url": "https://usn.ubuntu.com/usn/usn-3455-1/"
          },
          {
            "trust": 0.8,
            "url": "http://en.miui.com/thread-954223-1-1.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
          },
          {
            "trust": 0.8,
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
          },
          {
            "trust": 0.8,
            "url": "https://community.rsa.com/docs/doc-84103"
          },
          {
            "trust": 0.8,
            "url": "https://support.f5.com/csp/article/k23642330"
          },
          {
            "trust": 0.8,
            "url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
          },
          {
            "trust": 0.8,
            "url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
          },
          {
            "trust": 0.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
          },
          {
            "trust": 0.8,
            "url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu90609033/index.html"
          },
          {
            "trust": 0.8,
            "url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
          },
          {
            "trust": 0.6,
            "url": "https://www.kb.cert.org/vuls/id/228519/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13077"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13078"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13080"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13082"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13086"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13087"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2017-13088"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
          },
          {
            "trust": 0.3,
            "url": "http://www.wi-fi.org/index.php"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-ie/ht208847"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208334"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208327"
          },
          {
            "trust": 0.3,
            "url": "https://support.apple.com/en-in/ht208325"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
          },
          {
            "trust": 0.3,
            "url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13079"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13081"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2017-13084"
          },
          {
            "trust": 0.3,
            "url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/errata/rhsa-2017:2911"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/330.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/kristate/krackinfo"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/gpg-key"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
          },
          {
            "trust": 0.1,
            "url": "http://osuosl.org)"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://www.krackattacks.com/\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
          },
          {
            "trust": 0.1,
            "url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30397"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13088"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009179"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-389"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13088"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "b8631bf1-6bd8-4549-b275-107397f54fc7"
          },
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-30397"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-13088"
          },
          {
            "db": "BID",
            "id": "101274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009179"
          },
          {
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-389"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13088"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-17T00:00:00",
            "db": "IVD",
            "id": "b8631bf1-6bd8-4549-b275-107397f54fc7"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30397"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13088"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2017-11-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009179"
          },
          {
            "date": "2017-10-17T16:52:00",
            "db": "PACKETSTORM",
            "id": "144652"
          },
          {
            "date": "2017-10-16T13:49:34",
            "db": "PACKETSTORM",
            "id": "144630"
          },
          {
            "date": "2017-10-16T23:23:00",
            "db": "PACKETSTORM",
            "id": "144632"
          },
          {
            "date": "2017-10-18T20:44:00",
            "db": "PACKETSTORM",
            "id": "144663"
          },
          {
            "date": "2017-10-19T14:28:55",
            "db": "PACKETSTORM",
            "id": "144669"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-389"
          },
          {
            "date": "2017-10-17T13:29:00.630000",
            "db": "NVD",
            "id": "CVE-2017-13088"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-16T00:00:00",
            "db": "CERT/CC",
            "id": "VU#228519"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-30397"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-13088"
          },
          {
            "date": "2019-02-21T09:00:00",
            "db": "BID",
            "id": "101274"
          },
          {
            "date": "2019-02-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009179"
          },
          {
            "date": "2020-11-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-389"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-13088"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-389"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#228519"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-389"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201412-0424

    Vulnerability from variot - Updated: 2025-04-13 23:10

    Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to execute arbitrary commands via shell metacharacters in the ping field (setobject_ip parameter). Supplementary information : CWE Vulnerability type by CWE-77: Improper Neutralization of Special Elements used in a Command ( Command injection ) Has been identified. The Technicolor ADSL2+ Router is a router device. An attacker could exploit this vulnerability to execute arbitrary commands or initiate a denial of service in the context of an affected application. Failed exploit attempts will result in a denial-of-service condition. ADSL2+ 2.05.C29GV is vulnerable; other versions may also be affected. Product: Wireless N ADSL 2/2+ Modem Router Firmware Version : V2.05.C29GV Modem Type : ADSL2+ Router Modem Vendor : Technicolor Model: DT5130

    Bugs: 1- Unauth Xss - CVE-2014-9142 user=teste&password=teste& userlevel=15&refer=%2Fnigga.html&failrefer=/basicauth.cgi?index.html?failrefer=alert('TESTE')"%0A&login=Login&password=pass&refer=/index.html&user=teste&userlevel=15&login=Login

    2- Arbitrari URL redirect - CVE-2014-9143 failrefer=http://blog.dclabs.com.br&login=Login&password= pass&refer=/index.html&user=1&userlevel=15

    3- Command Injection in ping field - CVE-2014-9144 setobject_token=SESSION_CONTRACT_TOKEN_TAG%3D0123456789012345&setobject_ip=s1.3.6.1.4.1.283.1000.2.1.6.4.1.0%3Dwww.google.com.br|id&setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3D1&getobject_result=IGNORE

    -- Ewerson Guimaraes (Crash) Pentester/Researcher DcLabs / Ibliss Security Team www.dclabs.com.br / www.ibliss.com.br

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201412-0424",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "td5130 router",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "technicolor",
            "version": "2.05.c29gv"
          },
          {
            "model": "td5130",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "technicolor",
            "version": "2.05.c29gv"
          },
          {
            "model": "adsl2+ router 2.05.c29gv",
            "scope": null,
            "trust": 0.6,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": "adsl2+ 2.05.c29gv",
            "scope": null,
            "trust": 0.3,
            "vendor": "technicolor",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08783"
          },
          {
            "db": "BID",
            "id": "71497"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005783"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-126"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9144"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:technicolor:td5130_router_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005783"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Ewerson Guimaraes",
        "sources": [
          {
            "db": "BID",
            "id": "71497"
          },
          {
            "db": "PACKETSTORM",
            "id": "129374"
          }
        ],
        "trust": 0.4
      },
      "cve": "CVE-2014-9144",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2014-9144",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2014-08783",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-77089",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2014-9144",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2014-9144",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-08783",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201412-126",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-77089",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08783"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77089"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005783"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-126"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9144"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to execute arbitrary commands via shell metacharacters in the ping field (setobject_ip parameter). Supplementary information : CWE Vulnerability type by CWE-77: Improper Neutralization of Special Elements used in a Command ( Command injection ) Has been identified. The Technicolor ADSL2+ Router is a router device. An attacker could exploit this vulnerability to execute arbitrary commands or initiate a denial of service in the context of an affected application. Failed exploit attempts will result in a denial-of-service condition. \nADSL2+  2.05.C29GV is vulnerable; other versions may also be affected. Product: Wireless N ADSL 2/2+ Modem Router\nFirmware Version : V2.05.C29GV\nModem Type : ADSL2+ Router\nModem Vendor : Technicolor\nModel: DT5130\n\nBugs:\n1- Unauth Xss - CVE-2014-9142\nuser=teste\u0026password=teste\u0026\nuserlevel=15\u0026refer=%2Fnigga.html\u0026failrefer=/basicauth.cgi?index.html?failrefer=\u003cscript\u003e\u003c/script\u003e\u003cscript\u003ealert(\u0027TESTE\u0027)\u003c/script\u003e\"%0A\u0026login=Login\u0026password=pass\u0026refer=/index.html\u0026user=teste\u0026userlevel=15\u0026login=Login\n\n2- Arbitrari URL redirect - CVE-2014-9143\nfailrefer=http://blog.dclabs.com.br\u0026login=Login\u0026password=\npass\u0026refer=/index.html\u0026user=1\u0026userlevel=15\n\n3- Command Injection in ping field - CVE-2014-9144\nsetobject_token=SESSION_CONTRACT_TOKEN_TAG%3D0123456789012345\u0026setobject_ip=s1.3.6.1.4.1.283.1000.2.1.6.4.1.0%3Dwww.google.com.br|`id`\u0026setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3D1\u0026getobject_result=IGNORE\n\n\n-- \nEwerson Guimaraes (Crash)\nPentester/Researcher\nDcLabs / Ibliss  Security Team\nwww.dclabs.com.br / www.ibliss.com.br\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-9144"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005783"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-08783"
          },
          {
            "db": "BID",
            "id": "71497"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77089"
          },
          {
            "db": "PACKETSTORM",
            "id": "129374"
          }
        ],
        "trust": 2.61
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-77089",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-77089"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-9144",
            "trust": 3.5
          },
          {
            "db": "PACKETSTORM",
            "id": "129374",
            "trust": 2.6
          },
          {
            "db": "EXPLOIT-DB",
            "id": "35462",
            "trust": 2.3
          },
          {
            "db": "BID",
            "id": "71497",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005783",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-126",
            "trust": 0.7
          },
          {
            "db": "EXPLOITDB",
            "id": "35462",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "71498",
            "trust": 0.6
          },
          {
            "db": "OSVDB",
            "id": "115284",
            "trust": 0.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-08783",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-77089",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08783"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77089"
          },
          {
            "db": "BID",
            "id": "71497"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005783"
          },
          {
            "db": "PACKETSTORM",
            "id": "129374"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-126"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9144"
          }
        ]
      },
      "id": "VAR-201412-0424",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08783"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77089"
          }
        ],
        "trust": 1.7
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08783"
          }
        ]
      },
      "last_update_date": "2025-04-13T23:10:05.010000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.technicolor.com/"
          },
          {
            "title": "TD5130 (Setup \u0026 User Guide)",
            "trust": 0.8,
            "url": "http://setuprouter.com/router/technicolor/td5130/manual-1247.pdf"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005783"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-77",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-77089"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005783"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9144"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://packetstormsecurity.com/files/129374/adsl2-2.05.c29gv-xss-url-redirect-command-injection.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.exploit-db.com/exploits/35462"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/534143/100/0/threaded"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9144"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9144"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/71498/info"
          },
          {
            "trust": 0.6,
            "url": "http://www.exploit-db.com/exploits/35462/"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/534143/100/0/threaded"
          },
          {
            "trust": 0.3,
            "url": "http://www.technicolor.com"
          },
          {
            "trust": 0.1,
            "url": "https://www.dclabs.com.br"
          },
          {
            "trust": 0.1,
            "url": "http://blog.dclabs.com.br\u0026login=login\u0026password="
          },
          {
            "trust": 0.1,
            "url": "https://www.google.com.br|`id`\u0026setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3d1\u0026getobject_result=ignore"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9143"
          },
          {
            "trust": 0.1,
            "url": "https://www.ibliss.com.br"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9142"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9144"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08783"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77089"
          },
          {
            "db": "BID",
            "id": "71497"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005783"
          },
          {
            "db": "PACKETSTORM",
            "id": "129374"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-126"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9144"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08783"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77089"
          },
          {
            "db": "BID",
            "id": "71497"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005783"
          },
          {
            "db": "PACKETSTORM",
            "id": "129374"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-126"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9144"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-12-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-08783"
          },
          {
            "date": "2014-12-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-77089"
          },
          {
            "date": "2014-12-03T00:00:00",
            "db": "BID",
            "id": "71497"
          },
          {
            "date": "2014-12-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005783"
          },
          {
            "date": "2014-12-03T19:05:57",
            "db": "PACKETSTORM",
            "id": "129374"
          },
          {
            "date": "2014-12-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201412-126"
          },
          {
            "date": "2014-12-05T15:59:07.043000",
            "db": "NVD",
            "id": "CVE-2014-9144"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-12-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-08783"
          },
          {
            "date": "2018-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-77089"
          },
          {
            "date": "2014-12-03T00:00:00",
            "db": "BID",
            "id": "71497"
          },
          {
            "date": "2014-12-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005783"
          },
          {
            "date": "2014-12-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201412-126"
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2014-9144"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-126"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Technicolor Router  TD5130 Vulnerability to execute arbitrary commands in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005783"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "operating system commend injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-126"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201412-0422

    Vulnerability from variot - Updated: 2025-04-13 23:10

    Cross-site scripting (XSS) vulnerability in Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to inject arbitrary web script or HTML via the failrefer parameter. The Technicolor ADSL2+ Router is a router device. An attacker could exploit this vulnerability to execute arbitrary script code or steal a cookie-based authentication certificate in the browser of an affected site's uninformed user. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. ADSL2+ 2.05.C29GV is vulnerable; other versions may also be affected. Product: Wireless N ADSL 2/2+ Modem Router Firmware Version : V2.05.C29GV Modem Type : ADSL2+ Router Modem Vendor : Technicolor Model: DT5130

    Bugs: 1- Unauth Xss - CVE-2014-9142 user=teste&password=teste& userlevel=15&refer=%2Fnigga.html&failrefer=/basicauth.cgi?index.html?failrefer=alert('TESTE')"%0A&login=Login&password=pass&refer=/index.html&user=teste&userlevel=15&login=Login

    2- Arbitrari URL redirect - CVE-2014-9143 failrefer=http://blog.dclabs.com.br&login=Login&password= pass&refer=/index.html&user=1&userlevel=15

    3- Command Injection in ping field - CVE-2014-9144 setobject_token=SESSION_CONTRACT_TOKEN_TAG%3D0123456789012345&setobject_ip=s1.3.6.1.4.1.283.1000.2.1.6.4.1.0%3Dwww.google.com.br|id&setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3D1&getobject_result=IGNORE

    -- Ewerson Guimaraes (Crash) Pentester/Researcher DcLabs / Ibliss Security Team www.dclabs.com.br / www.ibliss.com.br

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201412-0422",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "td5130 router",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "technicolor",
            "version": "2.05.c29gv"
          },
          {
            "model": "td5130",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "technicolor",
            "version": "2.05.c29gv"
          },
          {
            "model": "adsl2+ router 2.05.c29gv",
            "scope": null,
            "trust": 0.6,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": "adsl2+ 2.05.c29gv",
            "scope": null,
            "trust": 0.3,
            "vendor": "technicolor",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08781"
          },
          {
            "db": "BID",
            "id": "71495"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005781"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-124"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9142"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:technicolor:td5130_router_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005781"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Ewerson Guimaraes",
        "sources": [
          {
            "db": "BID",
            "id": "71495"
          },
          {
            "db": "PACKETSTORM",
            "id": "129374"
          }
        ],
        "trust": 0.4
      },
      "cve": "CVE-2014-9142",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2014-9142",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2014-08781",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "VHN-77087",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2014-9142",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2014-9142",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-08781",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201412-124",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-77087",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08781"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77087"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005781"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-124"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9142"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Cross-site scripting (XSS) vulnerability in Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to inject arbitrary web script or HTML via the failrefer parameter. The Technicolor ADSL2+ Router is a router device. An attacker could exploit this vulnerability to execute arbitrary script code or steal a cookie-based authentication certificate in the browser of an affected site\u0027s uninformed user. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. \nADSL2+  2.05.C29GV is vulnerable; other versions may also be affected. Product: Wireless N ADSL 2/2+ Modem Router\nFirmware Version : V2.05.C29GV\nModem Type : ADSL2+ Router\nModem Vendor : Technicolor\nModel: DT5130\n\nBugs:\n1- Unauth Xss - CVE-2014-9142\nuser=teste\u0026password=teste\u0026\nuserlevel=15\u0026refer=%2Fnigga.html\u0026failrefer=/basicauth.cgi?index.html?failrefer=\u003cscript\u003e\u003c/script\u003e\u003cscript\u003ealert(\u0027TESTE\u0027)\u003c/script\u003e\"%0A\u0026login=Login\u0026password=pass\u0026refer=/index.html\u0026user=teste\u0026userlevel=15\u0026login=Login\n\n2- Arbitrari URL redirect - CVE-2014-9143\nfailrefer=http://blog.dclabs.com.br\u0026login=Login\u0026password=\npass\u0026refer=/index.html\u0026user=1\u0026userlevel=15\n\n3- Command Injection in ping field - CVE-2014-9144\nsetobject_token=SESSION_CONTRACT_TOKEN_TAG%3D0123456789012345\u0026setobject_ip=s1.3.6.1.4.1.283.1000.2.1.6.4.1.0%3Dwww.google.com.br|`id`\u0026setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3D1\u0026getobject_result=IGNORE\n\n\n-- \nEwerson Guimaraes (Crash)\nPentester/Researcher\nDcLabs / Ibliss  Security Team\nwww.dclabs.com.br / www.ibliss.com.br\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-9142"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005781"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-08781"
          },
          {
            "db": "BID",
            "id": "71495"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77087"
          },
          {
            "db": "PACKETSTORM",
            "id": "129374"
          }
        ],
        "trust": 2.61
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-77087",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-77087"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-9142",
            "trust": 3.5
          },
          {
            "db": "PACKETSTORM",
            "id": "129374",
            "trust": 2.6
          },
          {
            "db": "EXPLOIT-DB",
            "id": "35462",
            "trust": 2.3
          },
          {
            "db": "BID",
            "id": "71495",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005781",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-124",
            "trust": 0.7
          },
          {
            "db": "EXPLOITDB",
            "id": "35462",
            "trust": 0.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-08781",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-77087",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08781"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77087"
          },
          {
            "db": "BID",
            "id": "71495"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005781"
          },
          {
            "db": "PACKETSTORM",
            "id": "129374"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-124"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9142"
          }
        ]
      },
      "id": "VAR-201412-0422",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08781"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77087"
          }
        ],
        "trust": 1.7
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08781"
          }
        ]
      },
      "last_update_date": "2025-04-13T23:10:04.971000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.technicolor.com/"
          },
          {
            "title": "TD5130 (Setup \u0026 User Guide)",
            "trust": 0.8,
            "url": "http://setuprouter.com/router/technicolor/td5130/manual-1247.pdf"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005781"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-77087"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005781"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9142"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://packetstormsecurity.com/files/129374/adsl2-2.05.c29gv-xss-url-redirect-command-injection.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.exploit-db.com/exploits/35462"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/534143/100/0/threaded"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9142"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9142"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/71495/info"
          },
          {
            "trust": 0.6,
            "url": "http://www.exploit-db.com/exploits/35462/"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/534143/100/0/threaded"
          },
          {
            "trust": 0.3,
            "url": "http://www.technicolor.com"
          },
          {
            "trust": 0.1,
            "url": "https://www.dclabs.com.br"
          },
          {
            "trust": 0.1,
            "url": "http://blog.dclabs.com.br\u0026login=login\u0026password="
          },
          {
            "trust": 0.1,
            "url": "https://www.google.com.br|`id`\u0026setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3d1\u0026getobject_result=ignore"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9143"
          },
          {
            "trust": 0.1,
            "url": "https://www.ibliss.com.br"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9142"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9144"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08781"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77087"
          },
          {
            "db": "BID",
            "id": "71495"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005781"
          },
          {
            "db": "PACKETSTORM",
            "id": "129374"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-124"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9142"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08781"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77087"
          },
          {
            "db": "BID",
            "id": "71495"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005781"
          },
          {
            "db": "PACKETSTORM",
            "id": "129374"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-124"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9142"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-12-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-08781"
          },
          {
            "date": "2014-12-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-77087"
          },
          {
            "date": "2014-12-03T00:00:00",
            "db": "BID",
            "id": "71495"
          },
          {
            "date": "2014-12-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005781"
          },
          {
            "date": "2014-12-03T19:05:57",
            "db": "PACKETSTORM",
            "id": "129374"
          },
          {
            "date": "2014-12-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201412-124"
          },
          {
            "date": "2014-12-05T15:59:05.043000",
            "db": "NVD",
            "id": "CVE-2014-9142"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-12-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-08781"
          },
          {
            "date": "2018-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-77087"
          },
          {
            "date": "2014-12-03T00:00:00",
            "db": "BID",
            "id": "71495"
          },
          {
            "date": "2014-12-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005781"
          },
          {
            "date": "2014-12-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201412-124"
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2014-9142"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-124"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Technicolor Router  TD5130 Firmware cross-site scripting vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005781"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "xss",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "129374"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-124"
          }
        ],
        "trust": 0.7
      }
    }

    VAR-201412-0423

    Vulnerability from variot - Updated: 2025-04-13 23:10

    Open redirect vulnerability in Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the failrefer parameter. Supplementary information : CWE Vulnerability type by CWE-17: Code ( code ) Has been identified. The Technicolor ADSL2+ Router is a router device. An attacker can trick a user into being redirected to an attacker-controlled website by constructing a specially crafted URI. Other attacks are possible. ADSL2+ 2.05.C29GV is vulnerable; other versions may also be affected. Product: Wireless N ADSL 2/2+ Modem Router Firmware Version : V2.05.C29GV Modem Type : ADSL2+ Router Modem Vendor : Technicolor Model: DT5130

    Bugs: 1- Unauth Xss - CVE-2014-9142 user=teste&password=teste& userlevel=15&refer=%2Fnigga.html&failrefer=/basicauth.cgi?index.html?failrefer=alert('TESTE')"%0A&login=Login&password=pass&refer=/index.html&user=teste&userlevel=15&login=Login

    2- Arbitrari URL redirect - CVE-2014-9143 failrefer=http://blog.dclabs.com.br&login=Login&password= pass&refer=/index.html&user=1&userlevel=15

    3- Command Injection in ping field - CVE-2014-9144 setobject_token=SESSION_CONTRACT_TOKEN_TAG%3D0123456789012345&setobject_ip=s1.3.6.1.4.1.283.1000.2.1.6.4.1.0%3Dwww.google.com.br|id&setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3D1&getobject_result=IGNORE

    -- Ewerson Guimaraes (Crash) Pentester/Researcher DcLabs / Ibliss Security Team www.dclabs.com.br / www.ibliss.com.br

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201412-0423",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "td5130 router",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "technicolor",
            "version": "2.05.c29gv"
          },
          {
            "model": "td5130",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "technicolor",
            "version": "2.05.c29gv"
          },
          {
            "model": "adsl2+ router 2.05.c29gv",
            "scope": null,
            "trust": 0.6,
            "vendor": "technicolor",
            "version": null
          },
          {
            "model": "adsl2+ 2.05.c29gv",
            "scope": null,
            "trust": 0.3,
            "vendor": "technicolor",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08782"
          },
          {
            "db": "BID",
            "id": "71496"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005782"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-125"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9143"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:technicolor:td5130_router_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005782"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Ewerson Guimaraes",
        "sources": [
          {
            "db": "BID",
            "id": "71496"
          },
          {
            "db": "PACKETSTORM",
            "id": "129374"
          }
        ],
        "trust": 0.4
      },
      "cve": "CVE-2014-9143",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2014-9143",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2014-08782",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "VHN-77088",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2014-9143",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2014-9143",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-08782",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201412-125",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-77088",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08782"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77088"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005782"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-125"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9143"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Open redirect vulnerability in Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the failrefer parameter. Supplementary information : CWE Vulnerability type by CWE-17: Code ( code ) Has been identified. The Technicolor ADSL2+ Router is a router device. An attacker can trick a user into being redirected to an attacker-controlled website by constructing a specially crafted URI. Other attacks are possible. \nADSL2+  2.05.C29GV is vulnerable; other versions may also be affected. Product: Wireless N ADSL 2/2+ Modem Router\nFirmware Version : V2.05.C29GV\nModem Type : ADSL2+ Router\nModem Vendor : Technicolor\nModel: DT5130\n\nBugs:\n1- Unauth Xss - CVE-2014-9142\nuser=teste\u0026password=teste\u0026\nuserlevel=15\u0026refer=%2Fnigga.html\u0026failrefer=/basicauth.cgi?index.html?failrefer=\u003cscript\u003e\u003c/script\u003e\u003cscript\u003ealert(\u0027TESTE\u0027)\u003c/script\u003e\"%0A\u0026login=Login\u0026password=pass\u0026refer=/index.html\u0026user=teste\u0026userlevel=15\u0026login=Login\n\n2- Arbitrari URL redirect - CVE-2014-9143\nfailrefer=http://blog.dclabs.com.br\u0026login=Login\u0026password=\npass\u0026refer=/index.html\u0026user=1\u0026userlevel=15\n\n3- Command Injection in ping field - CVE-2014-9144\nsetobject_token=SESSION_CONTRACT_TOKEN_TAG%3D0123456789012345\u0026setobject_ip=s1.3.6.1.4.1.283.1000.2.1.6.4.1.0%3Dwww.google.com.br|`id`\u0026setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3D1\u0026getobject_result=IGNORE\n\n\n-- \nEwerson Guimaraes (Crash)\nPentester/Researcher\nDcLabs / Ibliss  Security Team\nwww.dclabs.com.br / www.ibliss.com.br\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-9143"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005782"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-08782"
          },
          {
            "db": "BID",
            "id": "71496"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77088"
          },
          {
            "db": "PACKETSTORM",
            "id": "129374"
          }
        ],
        "trust": 2.61
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-77088",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-77088"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-9143",
            "trust": 3.5
          },
          {
            "db": "PACKETSTORM",
            "id": "129374",
            "trust": 2.6
          },
          {
            "db": "EXPLOIT-DB",
            "id": "35462",
            "trust": 2.3
          },
          {
            "db": "BID",
            "id": "71496",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005782",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-125",
            "trust": 0.7
          },
          {
            "db": "EXPLOITDB",
            "id": "35462",
            "trust": 0.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-08782",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-77088",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08782"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77088"
          },
          {
            "db": "BID",
            "id": "71496"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005782"
          },
          {
            "db": "PACKETSTORM",
            "id": "129374"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-125"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9143"
          }
        ]
      },
      "id": "VAR-201412-0423",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08782"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77088"
          }
        ],
        "trust": 1.7
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08782"
          }
        ]
      },
      "last_update_date": "2025-04-13T23:10:04.932000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.technicolor.com/"
          },
          {
            "title": "TD5130 (Setup \u0026 User Guide)",
            "trust": 0.8,
            "url": "http://setuprouter.com/router/technicolor/td5130/manual-1247.pdf"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005782"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-17",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-77088"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005782"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9143"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://packetstormsecurity.com/files/129374/adsl2-2.05.c29gv-xss-url-redirect-command-injection.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.exploit-db.com/exploits/35462"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/534143/100/0/threaded"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9143"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9143"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/71496/info"
          },
          {
            "trust": 0.6,
            "url": "http://www.exploit-db.com/exploits/35462/"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/534143/100/0/threaded"
          },
          {
            "trust": 0.3,
            "url": "http://www.technicolor.com"
          },
          {
            "trust": 0.1,
            "url": "https://www.dclabs.com.br"
          },
          {
            "trust": 0.1,
            "url": "http://blog.dclabs.com.br\u0026login=login\u0026password="
          },
          {
            "trust": 0.1,
            "url": "https://www.google.com.br|`id`\u0026setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3d1\u0026getobject_result=ignore"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9143"
          },
          {
            "trust": 0.1,
            "url": "https://www.ibliss.com.br"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9142"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9144"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08782"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77088"
          },
          {
            "db": "BID",
            "id": "71496"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005782"
          },
          {
            "db": "PACKETSTORM",
            "id": "129374"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-125"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9143"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-08782"
          },
          {
            "db": "VULHUB",
            "id": "VHN-77088"
          },
          {
            "db": "BID",
            "id": "71496"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005782"
          },
          {
            "db": "PACKETSTORM",
            "id": "129374"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-125"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-9143"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-12-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-08782"
          },
          {
            "date": "2014-12-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-77088"
          },
          {
            "date": "2014-12-03T00:00:00",
            "db": "BID",
            "id": "71496"
          },
          {
            "date": "2014-12-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005782"
          },
          {
            "date": "2014-12-03T19:05:57",
            "db": "PACKETSTORM",
            "id": "129374"
          },
          {
            "date": "2014-12-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201412-125"
          },
          {
            "date": "2014-12-05T15:59:06.010000",
            "db": "NVD",
            "id": "CVE-2014-9143"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-12-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-08782"
          },
          {
            "date": "2018-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-77088"
          },
          {
            "date": "2014-12-03T00:00:00",
            "db": "BID",
            "id": "71496"
          },
          {
            "date": "2014-12-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005782"
          },
          {
            "date": "2014-12-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201412-125"
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2014-9143"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-125"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Technicolor Router  TD5130 Open redirect vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005782"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "code injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201412-125"
          }
        ],
        "trust": 0.6
      }
    }