Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-44487 (GCVE-0-2023-44487)
Vulnerability from cvelistv5 – Published: 2023-10-10 00:00 – Updated: 2026-05-12 10:52- n/a
- CWE-400 - Uncontrolled Resource Consumption
| Vendor | Product | Version | |
|---|---|---|---|
| ietf | http |
Affected:
2.0
cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:* |
|
| Siemens | RUGGEDCOM APE1808 |
Affected:
0 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SINEC NMS |
Affected:
0 , < V3.0
(custom)
|
|
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
CISA
Known Exploited Vulnerability - GCVE BCP-07 Compliant
Exploited: Yes
Timestamps
Scope
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | CWE-400 |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | HTTP/2 |
| Due Date | 2023-10-31 |
| Date Added | 2023-10-10 |
| Vendorproject | IETF |
| Vulnerabilityname | HTTP/2 Rapid Reset Attack Vulnerability |
| Knownransomwarecampaignuse | Unknown |
References
KEVIntel
Known Exploited Vulnerability - GCVE BCP-07 Compliant
Exploited: Yes
Timestamps
Scope
Evidence
Type: Public Report
Signal: Successful Exploitation
Confidence: 70%
Source: kevintel
Details
| Feed | KEVIntel (kevintel.com) |
|---|---|
| Title | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as... |
| Vendor | |
| Product | Cloud Platform |
| Added Date | 2023-10-10T00:00:00.000Z |
| Cvss Score | 7.5 |
| Epss Score | 0.99999 |
| Cvss Severity | HIGH |
| Epss Percentile | 0.99996 |
| Used In Malware | unknown |
| Ahead Of Cisa Kev | None |
| Not Yet In Cisa Kev | False |
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "http",
"vendor": "ietf",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-44487",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-23T20:34:21.334116Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-10-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:35.187Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00.000Z",
"value": "CVE-2023-44487 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:08:27.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"tags": [
"x_transferred"
],
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"tags": [
"x_transferred"
],
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"tags": [
"x_transferred"
],
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"tags": [
"x_transferred"
],
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/golang/go/issues/63417"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"tags": [
"x_transferred"
],
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"tags": [
"x_transferred"
],
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"tags": [
"x_transferred"
],
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/line/armeria/pull/5232"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/13/6"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM APE1808",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEC NMS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T10:52:23.784Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-832273.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-341067.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-915275.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-07T20:05:34.376Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"name": "[oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/7"
},
{
"name": "[oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"url": "https://github.com/golang/go/issues/63417"
},
{
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"url": "https://github.com/line/armeria/pull/5232"
},
{
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"url": "https://github.com/grpc/grpc/releases/tag/v1.59.2"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-44487",
"datePublished": "2023-10-10T00:00:00.000Z",
"dateReserved": "2023-09-29T00:00:00.000Z",
"dateUpdated": "2026-05-12T10:52:23.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2023-44487",
"cwes": "[\"CWE-400\"]",
"dateAdded": "2023-10-10",
"dueDate": "2023-10-31",
"knownRansomwareCampaignUse": "Unknown",
"notes": "This vulnerability affects a common open-source component, third-party library, or protocol used by different products. For more information, please see: HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487 | CISA: https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487; https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/; https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"product": "HTTP/2",
"requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).",
"vendorProject": "IETF",
"vulnerabilityName": "HTTP/2 Rapid Reset Attack Vulnerability"
},
"epss": {
"cve": "CVE-2023-44487",
"date": "2026-06-30",
"epss": "0.99999",
"percentile": "0.99996"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-44487\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-10-10T14:15:10.883\",\"lastModified\":\"2026-06-17T06:27:44.067\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\"},{\"lang\":\"es\",\"value\":\"El protocolo HTTP/2 permite una denegaci\u00f3n de servicio (consumo de recursos del servidor) porque la cancelaci\u00f3n de solicitudes puede restablecer muchas transmisiones r\u00e1pidamente, como se explot\u00f3 en la naturaleza entre agosto y octubre de 2023.\"}],\"affected\":[{\"source\":\"cve@mitre.org\",\"affectedData\":[{\"vendor\":\"n/a\",\"product\":\"n/a\",\"versions\":[{\"version\":\"n/a\",\"status\":\"affected\"}]}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"affectedData\":[{\"vendor\":\"ietf\",\"product\":\"http\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*\"],\"versions\":[{\"version\":\"2.0\",\"status\":\"affected\"}]}]},{\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"affectedData\":[{\"vendor\":\"Siemens\",\"product\":\"RUGGEDCOM APE1808\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SINEC NMS\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.0\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2024-07-23T20:34:21.334116Z\",\"id\":\"CVE-2023-44487\",\"options\":[{\"exploitation\":\"active\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"cisaExploitAdd\":\"2023-10-10\",\"cisaActionDue\":\"2023-10-31\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"HTTP/2 Rapid Reset Attack Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518f-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"2A7548B8-3DF7-46D9-8A4F-87C38969D900\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518f-4_pn\\\\/dp_mfp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B1EE93D-BAD2-4B86-910C-8784FCC9F398\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0\",\"matchCriteriaId\":\"C89891C1-DFD7-4E1F-80A9-7485D86A15B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4664B195-AF14-4834-82B3-0B2C98020EB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"75BC588E-CDF0-404E-AD61-02093A1DF343\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A334F7B4-7283-4453-BAED-D2E01B7F8A6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6BEA71C-CA81-4B5D-A688-2B21E62DC351\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B405F22-5517-49F5-A7CA-1E50D58DFC75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"AE06B8AF-B36C-4743-A056-30712163F75B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:st7_scadaconnect:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.1\",\"matchCriteriaId\":\"BCBD17AE-C1AE-4ECF-A991-0FFBDD06D687\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_ape1808_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37FDCA69-9049-40B4-88AF-F476901022B6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_ape1808:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B89A6863-B602-4404-8D26-337FECABFFF0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"99E36624-A573-47D9-B158-B18A8A822FBA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\\\\/dp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40F38253-92F5-4A3A-AA07-292F7542D8A6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_s7-1500_cpu_1518-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"19F1C257-0EE6-47DE-B4BE-169F801FFDD8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_s7-1500_cpu_1518-4_pn\\\\/dp_mfp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2F63E0A-126D-4A93-8159-45EB5E606F81\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5200E35-222B-42E0-83E0-5B702684D992\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.57.0\",\"matchCriteriaId\":\"C3BDC297-F023-4E87-8518-B84CCF9DD6A8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1.100\",\"matchCriteriaId\":\"D12D5257-7ED2-400F-9EF7-40E0D3650C2B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.24.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B058776-B5B7-4079-B0AF-23F40926DCEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.25.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D565975-EFD9-467C-B6E3-1866A4EF17A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.26.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D487271-1B5E-4F16-B0CB-A7B8908935C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.27.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA6ED627-EFB3-4BDD-8ECC-C5947A1470B2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.4.53\",\"matchCriteriaId\":\"A4A6F189-6C43-462D-85C9-B0EBDA8A4683\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.0.17\",\"matchCriteriaId\":\"C993C920-85C0-4181-A95E-5D965A670738\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndExcluding\":\"11.0.17\",\"matchCriteriaId\":\"08E79A8E-E12C-498F-AF4F-1AAA7135661E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0.0\",\"versionEndExcluding\":\"12.0.2\",\"matchCriteriaId\":\"F138D800-9A3B-4C76-8A3C-4793083A1517\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.5\",\"matchCriteriaId\":\"6341DDDA-AD27-4087-9D59-0A212F0037B4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.20.10\",\"matchCriteriaId\":\"328120E4-C031-44B4-9BE5-03B0CDAA066F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.21.0\",\"versionEndExcluding\":\"1.21.3\",\"matchCriteriaId\":\"5FD9AB15-E5F6-4DBC-9EC7-D0ABA705802A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.17.0\",\"matchCriteriaId\":\"D7D2F801-6F65-4705-BCB9-D057EA54A707\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:networking:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.17.0\",\"matchCriteriaId\":\"801F25DA-F38C-4452-8E90-235A3B1A5FF0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"D93F04AD-DF14-48AB-9F13-8B2E491CF42E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"7522C760-7E07-406F-BF50-5656D5723C4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"3A7F605E-EB10-40FB-98D6-7E3A95E310BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"783E62F2-F867-48F1-B123-D1227C970674\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A8D90B7-A1AF-4EFB-B688-1563D81E5C6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"6603ED6A-3366-4572-AFCD-B3D4B1EC7606\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"88978E38-81D3-4EFE-8525-A300B101FA69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"0510296F-92D7-4388-AE3A-0D9799C2FC4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"D7698D6C-B1F7-43C1-BBA6-88E956356B3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A1CC91B-6920-4AF0-9EDD-DD3189E78F4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"05E452AA-A520-4CBE-8767-147772B69194\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"596FC5D5-7329-4E39-841E-CAE937C02219\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"B3C7A168-F370-441E-8790-73014BCEC39F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"CF16FD01-7704-40AB-ACB2-80A883804D22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1769D69A-CB59-46B1-89B3-FB97DC6DEB9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"9167FEC1-2C37-4946-9657-B4E69301FB24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"7B4B3442-E0C0-48CD-87AD-060E15C9801E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"8FA85EC1-D91A-49DD-949B-2AF7AC813CA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"20662BB0-4C3D-4CF0-B068-3555C65DD06C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59203EBF-C52A-45A1-B8DF-00E17E3EFB51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"7EC2324D-EC8B-41DF-88A7-819E53AAD0FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"9B88F9D1-B54B-40C7-A18A-26C4A071D7EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"C8F39403-C259-4D6F-9E9A-53671017EEDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"220F2D38-FA82-45EF-B957-7678C9FEDBC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C698C1C-A3DD-46E2-B05A-12F2604E7F85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"922AA845-530A-4B4B-9976-4CBC30C8A324\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"F938EB43-8373-47EB-B269-C6DF058A9244\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"1771493E-ACAA-477F-8AB4-25DB12F6AD6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"5E86F3D5-65A4-48CE-A6A2-736BBB88E3F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87670A74-34FE-45DF-A725-25B804C845B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"C7E422F6-C4C2-43AC-B137-0997B5739030\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"CC3F710F-DBCB-4976-9719-CF063DA22377\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"4B9B76A1-7C5A-453F-A4ED-F1A81BCEBEB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"88EDFCD9-775C-48FA-9CDA-2B04DA8D0612\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67DB21AE-DF53-442D-B492-C4ED9A20B105\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"4C9FCBCB-9CE0-49E7-85C8-69E71D211912\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"112DFA85-90AD-478D-BD70-8C7C0C074F1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"DB704A1C-D8B7-48BB-A15A-C14DB591FE4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"21D51D9F-2840-4DEA-A007-D20111A1745C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BC1D037-74D2-4F92-89AD-C90F6CBF440B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"CAEF3EA4-7D5A-4B44-9CE3-258AEC745866\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"2FBCE2D1-9D93-415D-AB2C-2060307C305A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"8070B469-8CC4-4D2F-97D7-12D0ABB963C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"A326597E-725D-45DE-BEF7-2ED92137B253\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B235A78-649B-46C5-B24B-AB485A884654\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"08B25AAB-A98C-4F89-9131-29E3A8C0ED23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"ED9B976A-D3AD-4445-BF8A-067C3EBDFBB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"98D2CE1E-DED0-470A-AA78-C78EF769C38E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"C966FABA-7199-4F0D-AB8C-4590FE9D2FFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84D00768-E71B-4FF7-A7BF-F2C8CFBC900D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"E3D2ABA3-D4A9-4267-B0DF-7C3BBEEAEB66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"BC36311E-BB00-4750-85C8-51F5A2604F07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"A65D357E-4B40-42EC-9AAA-2B6CEF78C401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"D7EF9865-FE65-4DFB-BF21-62FBCE65FF1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABBD10E8-6054-408F-9687-B9BF6375CA09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"E6018B01-048C-43BB-A78D-66910ED60CA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"3A6A5686-5A8B-45D5-9165-BC99D2CCAC47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"5D2A121F-5BD2-4263-8ED3-1DDE25B5C306\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"0A4F7BAD-3EDD-4DE0-AAB7-DE5ACA34DD79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83794B04-87E2-4CA9-81F5-BB820D0F5395\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"D9EC2237-117F-43BD-ADEC-516CF72E04EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"F70D4B6F-65CF-48F4-9A07-072DFBCE53D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"29563719-1AF2-4BB8-8CCA-A0869F87795D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"D24815DD-579A-46D1-B9F2-3BB2C56BC54D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A6E7035-3299-474F-8F67-945EA9A059D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"0360F76D-E75E-4B05-A294-B47012323ED9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"7A4607BF-41AC-4E84-A110-74E085FF0445\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"441CC945-7CA3-49C0-AE10-94725301E31D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"46BA8E8A-6ED5-4FB2-8BBC-586AA031085A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56FB92F7-FF1E-425D-A5AB-9D9FB0BB9450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_next:20.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"969C4F14-F6D6-46D6-B348-FC1463877680\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.5.0\",\"versionEndIncluding\":\"1.8.2\",\"matchCriteriaId\":\"41AD5040-1250-45F5-AB63-63F333D49BCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"8257AA59-C14D-4EC1-B22C-DFBB92CBC297\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"37DB32BB-F4BA-4FB5-94B1-55C3F06749CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"FFF5007E-761C-4697-8D34-C064DF0ABE8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"910441D3-90EF-4375-B007-D51120A60AB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"667EB77B-DA13-4BA4-9371-EE3F3A109F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"8A6F9699-A485-4614-8F38-5A556D31617E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"5A90F547-97A2-41EC-9FDF-25F869F0FA38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"E76E1B82-F1DC-4366-B388-DBDF16C586A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"660137F4-15A1-42D1-BBAC-99A1D5BB398B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C446827A-1F71-4FAD-9422-580642D26AD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"1932D32D-0E4B-4BBD-816F-6D47AB2E2F04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"D47B7691-A95B-45C0-BAB4-27E047F3C379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"2CD1637D-0E42-4928-867A-BA0FDB6E8462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"3A599F90-F66B-4DF0-AD7D-D234F328BD59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D1B2000-C3FE-4B4C-885A-A5076EB164E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"5326759A-AFB0-4A15-B4E9-3C9A2E5DB32A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"57D92D05-C67D-437E-88F3-DCC3F6B0ED2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"ECCB8C30-861E-4E48-A5F5-30EE523C1FB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"F5FEAD2A-3A58-432E-BEBB-6E3FDE24395F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AB23AE6-245E-43D6-B832-933F8259F937\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.9.5\",\"versionEndIncluding\":\"1.25.2\",\"matchCriteriaId\":\"1188B4A9-2684-413C-83D1-E91C75AE0FCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.0\",\"versionEndIncluding\":\"2.4.2\",\"matchCriteriaId\":\"3337609D-5291-4A52-BC6A-6A8D4E60EB20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndIncluding\":\"3.3.0\",\"matchCriteriaId\":\"6CF0ABD9-EB28-4966-8C31-EED7AFBF1527\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"r25\",\"versionEndExcluding\":\"r29\",\"matchCriteriaId\":\"F291CB34-47A4-425A-A200-087CC295AEC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r29:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"5892B558-EC3A-43FF-A1D5-B2D9F70796F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"96BF2B19-52C7-4051-BA58-CAE6F912B72F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.5.0\",\"versionEndIncluding\":\"8.5.93\",\"matchCriteriaId\":\"ABD26B48-CC80-4FAE-BD3D-78DE4C80C92B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndIncluding\":\"9.0.80\",\"matchCriteriaId\":\"F3EC20B6-B2AB-41F5-9BF9-D16C1FE67C34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.1.0\",\"versionEndIncluding\":\"10.1.13\",\"matchCriteriaId\":\"0765CC3D-AB1A-4147-8900-EF4C105321F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1AA7FF6-E8E7-4BF6-983E-0A99B0183008\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*\",\"matchCriteriaId\":\"57088BDD-A136-45EF-A8A1-2EBF79CEC2CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*\",\"matchCriteriaId\":\"B32D1D7A-A04F-444E-8F45-BB9A9E4B0199\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AAD52CE-94F5-4F98-A027-9A7E68818CB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1F981F5-035A-4EDD-8A9F-481EE8BC7FF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*\",\"matchCriteriaId\":\"03A171AF-2EC8-4422-912C-547CDB58CAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*\",\"matchCriteriaId\":\"538E68C4-0BA4-495F-AEF8-4EF6EE7963CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*\",\"matchCriteriaId\":\"49350A6E-5E1D-45B2-A874-3B8601B3ADCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F50942F-DF54-46C0-8371-9A476DD3EEA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*\",\"matchCriteriaId\":\"D12C2C95-B79F-4AA4-8CE3-99A3EE7991AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*\",\"matchCriteriaId\":\"98792138-DD56-42DF-9612-3BDC65EEC117\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:swiftnio_http\\\\/2:*:*:*:*:*:swift:*:*\",\"versionEndExcluding\":\"1.28.0\",\"matchCriteriaId\":\"08190072-3880-4EF5-B642-BA053090D95B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"1.56.3\",\"matchCriteriaId\":\"5F4CDEA9-CB47-4881-B096-DA896E2364F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*\",\"versionEndIncluding\":\"1.59.2\",\"matchCriteriaId\":\"E65AF7BC-7DAE-408A-8485-FBED22815F75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*\",\"versionStartIncluding\":\"1.58.0\",\"versionEndExcluding\":\"1.58.3\",\"matchCriteriaId\":\"DD868DDF-C889-4F36-B5E6-68B6D9EA48CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:1.57.0:-:*:*:*:go:*:*\",\"matchCriteriaId\":\"FBD991E2-DB5A-4AAD-95BA-4B5ACB811C96\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.0.23\",\"matchCriteriaId\":\"4496821E-BD55-4F31-AD9C-A3D66CBBD6BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.0.12\",\"matchCriteriaId\":\"8DF7ECF6-178D-433C-AA21-BAE9EF248F37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.0.23\",\"matchCriteriaId\":\"1C3418F4-B8BF-4666-BB39-C188AB01F45C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.0.12\",\"matchCriteriaId\":\"1278DD1C-EFA9-4316-AD32-24C1B1FB0CEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:azure_kubernetes_service:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-08\",\"matchCriteriaId\":\"3BDFB0FF-0F4A-4B7B-94E8-ED72A8106314\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.0\",\"versionEndExcluding\":\"17.2.20\",\"matchCriteriaId\":\"16A8F269-E07E-402F-BFD5-60F3988A5EAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.4\",\"versionEndExcluding\":\"17.4.12\",\"matchCriteriaId\":\"C4B2B972-69E2-4D21-9A7C-B2AFF1D89EB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.6\",\"versionEndExcluding\":\"17.6.8\",\"matchCriteriaId\":\"DA5834D4-F52F-41C0-AA11-C974FFEEA063\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.7\",\"versionEndExcluding\":\"17.7.5\",\"matchCriteriaId\":\"2166106F-ACD6-4C7B-B0CC-977B83CC5F73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.14393.6351\",\"matchCriteriaId\":\"4CD49C41-6D90-47D3-AB4F-4A74169D3A8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.14393.6351\",\"matchCriteriaId\":\"BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.17763.4974\",\"matchCriteriaId\":\"E500D59C-6597-45E9-A57B-BE26C0C231D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19044.3570\",\"matchCriteriaId\":\"C9F9A643-90C6-489C-98A0-D2739CE72F86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19045.3570\",\"matchCriteriaId\":\"1814619C-ED07-49E0-A50A-E28D824D43BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.22000.2538\",\"matchCriteriaId\":\"100A27D3-87B0-4E72-83F6-7605E3F35E63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.22621.2428\",\"matchCriteriaId\":\"C6A36795-0238-45C9-ABE6-3DCCF751915B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB79EE26-FC32-417D-A49C-A1A63165A968\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"821614DD-37DD-44E2-A8A4-FE8D23A33C3C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.0.0\",\"versionEndExcluding\":\"18.18.2\",\"matchCriteriaId\":\"94BAB9EB-1527-4D9A-BADE-0708579536CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.0.0\",\"versionEndExcluding\":\"20.8.1\",\"matchCriteriaId\":\"69843DE4-4721-4F0A-A9B7-0F6DF5AAA388\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:cbl-mariner:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-11\",\"matchCriteriaId\":\"B25279EF-C406-4133-99ED-0492703E0A4E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-10\",\"matchCriteriaId\":\"9FFFF84B-F35C-43DE-959A-A5D10C3AE9F5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:facebook:proxygen:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023.10.16.00\",\"matchCriteriaId\":\"9DCE8C89-7C22-48CA-AF22-B34C8AA2CB8C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.6.1\",\"matchCriteriaId\":\"EDEB508E-0EBD-4450-9074-983DDF568AB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndExcluding\":\"8.1.9\",\"matchCriteriaId\":\"93A1A748-6C71-4191-8A16-A93E94E2CDE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndExcluding\":\"9.2.3\",\"matchCriteriaId\":\"4E4BCAF6-B246-41EC-9EE1-24296BFC4F5A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:amazon:opensearch_data_prepper:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.5.0\",\"matchCriteriaId\":\"6F70360D-6214-46BA-AF82-6AB01E13E4E9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D69DCC-AE4D-4EA5-861C-D60951444C6C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kazu-yamamoto:http2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.2.2\",\"matchCriteriaId\":\"E2DA759E-1AF8-49D3-A3FC-1B426C13CA82\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.17.6\",\"matchCriteriaId\":\"28BE6F7B-AE66-4C8A-AAFA-F1262671E9BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.18.0\",\"versionEndExcluding\":\"1.18.3\",\"matchCriteriaId\":\"F0C8E760-C8D2-483A-BBD4-6A6D292A3874\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.19.0\",\"versionEndExcluding\":\"1.19.1\",\"matchCriteriaId\":\"5D0F78BB-6A05-4C97-A8DB-E731B6CC8CC7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-10\",\"matchCriteriaId\":\"050AE218-3871-44D6-94DA-12D84C2093CB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.10.5\",\"matchCriteriaId\":\"B36BFFB0-C0EC-4926-A1DB-0B711C846A68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:3.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"376EAF9B-E994-4268-9704-0A45EA30270F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:3.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D08335-C291-4623-B80C-3B14C4D1FA32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:3.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"21033CEE-CEF5-4B0D-A565-4A6FC764AA6D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:projectcontour:contour:*:*:*:*:*:kubernetes:*:*\",\"versionEndExcluding\":\"2023-10-11\",\"matchCriteriaId\":\"FC4C66B1-42C0-495D-AE63-2889DE0BED84\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:*:*:*:*:stable:kubernetes:*:*\",\"versionStartIncluding\":\"2.12.0\",\"versionEndIncluding\":\"2.12.5\",\"matchCriteriaId\":\"8633E263-F066-4DD8-A734-90207207A873\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.13.0:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"34A23BD9-A0F4-4D85-8011-EAC93C29B4E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.13.1:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"27ED3533-A795-422F-B923-68BE071DC00D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.14.0:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"45F7E352-3208-4188-A5B1-906E00DF9896\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.14.1:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"DF89A8AD-66FE-439A-B732-CAAB304D765B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.26.0\",\"matchCriteriaId\":\"A400C637-AF18-4BEE-B57C-145261B65DEC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:3scale_api_management_platform:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"653A5B08-0D02-4362-A8B1-D00B24C6C6F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B0E6B4B-BAA6-474E-A18C-72C9719CEC1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0FD736A-8730-446A-BA3A-7B608DB62B0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4C504B6-3902-46E2-82B7-48AEC9CDD48D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B4BE2D6-43C3-4065-A213-5DB1325DC78F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:build_of_optaplanner:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D54F5AE-61EC-4434-9D5F-9394A3979894\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE29B9D6-63DC-4779-ACE8-4E51E6A0AF37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E37E1B3-6F68-4502-85D6-68333643BDFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D5A7736-A403-4617-8790-18E46CB74DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33F13B03-69BF-4A8B-A0A0-7F47FD857461\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9393119E-F018-463F-9548-60436F104195\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cost_management:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC45EE1E-2365-42D4-9D55-92FA24E5ED3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cryostat:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E567CD9F-5A43-4D25-B911-B5D0440698F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68146098-58F8-417E-B165-5182527117C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:fence_agents_remediation_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB4D6790-63E5-4043-B8BE-B489D649061D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78698F40-0777-4990-822D-02E1B5D0E2C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B87C8AD3-8878-4546-86C2-BF411876648C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF03BDE8-602D-4DEE-BA5B-5B20FDF47741\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A58966CB-36AF-4E64-AB39-BE3A0753E155\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_a-mq_streams:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"585BC540-073B-425B-B664-5EA4C00AFED6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B453CF7-9AA6-4B94-A003-BF7AE0B82F53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD354E32-A8B0-484C-B4C6-9FBCD3430D2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B142ACCC-F7A9-4A3B-BE60-0D6691D5058D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72A54BDA-311C-413B-8E4D-388AD65A170A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A305F012-544E-4245-9D69-1C8CD37748B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B40CCE4F-EA2C-453D-BB76-6388767E5C6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF93A27E-AA2B-4C2E-9B8D-FE7267847326\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B12A3A8-6456-481A-A0C9-524543FCC149\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C2E7E3C-A507-4AB2-97E5-4944D8775CF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:migration_toolkit_for_containers:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E22EBF9-AA0D-4712-9D69-DD97679CE835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"941B114C-FBD7-42FF-B1D8-4EA30E99102C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:network_observability_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"339CFB34-A795-49F9-BF6D-A00F3A1A4F63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:node_healthcheck_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D044DBE-6F5A-4C53-828E-7B1A570CACFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:node_maintenance_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E23FA47F-B967-44AD-AB76-1BB2CAD3CA5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift:-:*:*:*:*:aws:*:*\",\"matchCriteriaId\":\"65203CA1-5225-4E55-A187-6454C091F532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BF8EFFB-5686-4F28-A68F-1A8854E098CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932D137F-528B-4526-9A89-CD59FA1AB0FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DA9B2E2-958B-478D-87D6-E5CDDCD44315\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_data_science:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3F5FF1E-5DA3-4EC3-B41A-A362BDFC4C69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97321212-0E07-4CC2-A917-7B5F61AB9A5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_distributed_tracing:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF390236-3259-4C8F-891C-62ACC4386CD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0AAA300-691A-4957-8B69-F6888CC971B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45937289-2D64-47CB-A750-5B4F0D4664A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_sandboxed_containers:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B129311C-EB4B-4041-B85C-44D5E53FCAA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1AB54DB-3FB4-41CB-88ED-1400FD22AB85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77675CB7-67D7-44E9-B7FF-D224B3341AA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_service_mesh:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A76A2BCE-4AAE-46D7-93D6-2EDE0FC83145\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C877879-B84B-471C-80CF-0656521CA8AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCC81071-B46D-4F5D-AC25-B4A4CCC20C73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E315FC5C-FF19-43C9-A58A-CF2A5FF13824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20A6B40D-F991-4712-8E30-5FE008505CB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1987BDA-0113-4603-B9BE-76647EB043F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:run_once_duration_override_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D482A3D2-6E9B-42BA-9926-35E5BDD5F3BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"848C92A9-0677-442B-8D52-A448F2019903\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:self_node_remediation_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F564701-EDC1-43CF-BB9F-287D6992C6CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:service_interconnect:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12B0CF2B-D1E1-4E20-846E-6F0D873499A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:support_for_spring_boot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8885C2C-7FB8-40CA-BCB9-B48C50BF2499\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:web_terminal:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D88B140-D2A1-4A0A-A2E9-1A3B50C295AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:service_telemetry_framework:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A903C3AD-2D25-45B5-BF4A-A5BEB2286627\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:astra_control_center:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC5EBD2A-32A3-46D5-B155-B44DCB7F6902\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:akka:http_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.5.3\",\"matchCriteriaId\":\"C2792650-851F-4820-B003-06A4BEA092D7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:konghq:kong_gateway:*:*:*:*:enterprise:*:*:*\",\"versionEndExcluding\":\"3.4.2\",\"matchCriteriaId\":\"9F6B63B9-F4C9-4A3F-9310-E0918E1070D1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*\",\"versionEndIncluding\":\"2.414.2\",\"matchCriteriaId\":\"E6FF5F80-A991-43D4-B49F-D843E2BC5798\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*\",\"versionEndIncluding\":\"2.427\",\"matchCriteriaId\":\"54D25DA9-12D0-4F14-83E6-C69D0293AAB9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.4.0\",\"matchCriteriaId\":\"8E1AFFB9-C717-4727-B0C9-5A0C281710E2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.21.4.3\",\"matchCriteriaId\":\"25C85001-E0AB-4B01-8EE7-1D9C77CD956E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.2.003.009\",\"matchCriteriaId\":\"FB2BDBAC-8D19-4F81-8D31-6D0955A53D82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:connected_mobile_experiences:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.1\",\"matchCriteriaId\":\"F98F9D27-6659-413F-8F29-4FDB0882AAC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1.3\",\"matchCriteriaId\":\"C98BF315-C563-47C2-BAD1-63347A3D1008\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndExcluding\":\"5.0.2\",\"matchCriteriaId\":\"3F30E209-FA52-4D3B-9B88-4193EA388554\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_situation_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3178F3A5-A072-44E1-A225-B04BC536F4FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.0\",\"matchCriteriaId\":\"AA2BE0F1-DD16-4876-8EBA-F187BD38B159\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:data_center_network_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"796B6C58-2140-4105-A2A1-69865A194A75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:enterprise_chat_and_email:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEA99DC6-EA03-469F-A8BE-7F96FDF0B333\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:expressway:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"x14.3.3\",\"matchCriteriaId\":\"6560DBF4-AFE6-4672-95DE-74A0B8F4170A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.4.2\",\"matchCriteriaId\":\"84785919-796D-41E5-B652-6B5765C81D4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:iot_field_network_director:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.11.0\",\"matchCriteriaId\":\"92A74A1A-C69F-41E6-86D0-D6BB1C5D0A1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.3.3\",\"matchCriteriaId\":\"6FE7BA33-2AC0-4A85-97AD-6D77F20BA2AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_cable_provisioning:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.2.1\",\"matchCriteriaId\":\"4FE2F959-1084-48D1-B1F1-8182FC9862DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.10.4\",\"matchCriteriaId\":\"5CC17E6B-D7AB-40D7-AEC5-F5B555AC4D7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_network_registrar:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.2\",\"matchCriteriaId\":\"1BB6B48E-EA36-40A0-96D0-AF909BEC1147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_dynamic_attributes_connector:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.2.0\",\"matchCriteriaId\":\"2CBED844-7F94-498C-836D-8593381A9657\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_malware_analytics:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.19.2\",\"matchCriteriaId\":\"C170DBA1-0899-4ECC-9A0D-8FEB1DA1B510\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_video_communication_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"x14.3.3\",\"matchCriteriaId\":\"358FA1DC-63D3-49F6-AC07-9E277DD0D9DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2024.01.0\",\"matchCriteriaId\":\"BFF2D182-7599-4B81-B56B-F44EDA1384C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4868BCCA-24DE-4F24-A8AF-B3A545C0396E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2024.02.0\",\"matchCriteriaId\":\"194F7A1F-FD43-4FF7-9AE2-C13AA5567E8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2024.02.0\",\"matchCriteriaId\":\"BEC75F99-C7F0-47EB-9032-C9D3A42EBA20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_attendant_console_advanced:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6638F4E-16F7-447D-B755-52640BCB1C61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC34F742-530E-4AB4-8AFC-D1E088E256B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_enterprise:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D31CC0E9-8E21-436B-AB84-EA1B1BC60DCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"12.6.2\",\"matchCriteriaId\":\"E22AD683-345B-4E16-BB9E-E9B1783E09AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_management_portal:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5C0D694-9E24-4782-B35F-D7C3E3B0F2ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:fog_director:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.22\",\"matchCriteriaId\":\"2955BEE9-F567-4006-B96D-92E10FF84DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"17.15.1\",\"matchCriteriaId\":\"67502878-DB20-4410-ABA0-A1C5705064CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.11.2\",\"matchCriteriaId\":\"177DED2D-8089-4494-BDD9-7F84FC06CD5B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:secure_web_appliance_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.1.0\",\"matchCriteriaId\":\"54A29FD3-4128-4333-8445-A7DD04A6ECF6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:secure_web_appliance:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67074526-9933-46B3-9FE3-A0BE73C5E8A7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.2\\\\(7\\\\)\",\"matchCriteriaId\":\"EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3\\\\(1\\\\)\",\"versionEndExcluding\":\"10.3\\\\(5\\\\)\",\"matchCriteriaId\":\"0A236A0A-6956-4D79-B8E5-B2D0C79FAE88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.4\\\\(1\\\\)\",\"versionEndExcluding\":\"10.4\\\\(2\\\\)\",\"matchCriteriaId\":\"BE71D34C-227A-4789-BA4D-79E5FDE311DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"528ED62B-D739-4E06-AC64-B506FD73BBAB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC2A6C31-438A-4CF5-A3F3-364B1672EB7D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76C10D85-88AC-4A79-8866-BED88A0F8DF8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09AC2BAD-F536-48D0-A2F0-D4E290519EB6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F4E8EE4-031D-47D3-A12E-EE5F792172EE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8FF2EC4-0C09-4C00-9956-A2A4A894F63D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D14D4B4E-120E-4607-A4F1-447C7BF3052E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15702ACB-29F3-412D-8805-E107E0729E35\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E930332-CDDD-48D5-93BC-C22D693BBFA2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29B34855-D8D2-4114-80D2-A4D159C62458\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BF4B8FE-E134-4491-B5C2-C1CFEB64731B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4226DA0-9371-401C-8247-E6E636A116C3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7664666F-BCE4-4799-AEEA-3A73E6AD33F4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3DBBFE9-835C-4411-8492-6006E74BAC65\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3293438-3D18-45A2-B093-2C3F65783336\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C97C29EE-9426-4BBE-8D84-AB5FF748703D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-x\\\\/3132q-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E142C18F-9FB5-4D96-866A-141D7D16CAF7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F43B770-D96C-44EA-BC12-9F39FC4317B9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7817F4E6-B2DA-4F06-95A4-AF329F594C02\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CED628B5-97A8-4B26-AA40-BEC854982157\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BB9DD73-E31D-4921-A6D6-E14E04703588\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172pq\\\\/pq-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EFC116A-627F-4E05-B631-651D161217C8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4532F513-0543-4960-9877-01F23CA7BA1B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B43502B-FD53-465A-B60F-6A359C6ACD99\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3229124-B097-4AAC-8ACD-2F9C89DCC3AB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32A532C0-B0E3-484A-B356-88970E7D0248\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C84D24C-2256-42AF-898A-221EBE9FE1E4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"652A2849-668D-4156-88FB-C19844A59F33\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D008CA1C-6F5A-40EA-BB12-A9D84D5AF700\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24FBE87B-8A4F-43A8-98A3-4A7D9C630937\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6ACD09AC-8B28-4ACB-967B-AB3D450BC137\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43913A0E-50D5-47DD-94D8-DD3391633619\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D397349-CCC6-479B-9273-FB1FFF4F34F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC7286A7-780F-4A45-940A-4AD5C9D0F201\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA52D5C1-13D8-4D23-B022-954CCEF491F1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F7AF8D7-431B-43CE-840F-CC0817D159C0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAC204C8-1A5A-4E85-824E-DC9B8F6A802D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8E1073F-D374-4311-8F12-AD8C72FAA293\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAF5AF71-15DF-4151-A1CF-E138A7103FC8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10F80A72-AD54-4699-B8AE-82715F0B58E2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524-x\\\\/xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E505C0B1-2119-4C6A-BF96-C282C633D169\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9354B6A2-D7D6-442E-BF4C-FE8A336D9E94\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"088C0323-683A-44F5-8D42-FF6EC85D080E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74CB4002-7636-4382-B33E-FBA060A13C34\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548-x\\\\/xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"915EF8F6-6039-4DD0-B875-30D911752B74\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10CEBF73-3EE0-459A-86C5-F8F6243FE27C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97217080-455C-48E4-8CE1-6D5B9485864F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95D2C4C3-65CE-4612-A027-AF70CEFC3233\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57572E4A-78D5-4D1A-938B-F05F01759612\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.2\\\\(7\\\\)\",\"matchCriteriaId\":\"EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3\\\\(1\\\\)\",\"versionEndExcluding\":\"10.3\\\\(5\\\\)\",\"matchCriteriaId\":\"0A236A0A-6956-4D79-B8E5-B2D0C79FAE88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.4\\\\(1\\\\)\",\"versionEndExcluding\":\"10.4\\\\(2\\\\)\",\"matchCriteriaId\":\"BE71D34C-227A-4789-BA4D-79E5FDE311DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CD9C1F1-8582-4F67-A77D-97CBFECB88B8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"532CE4B0-A3C9-4613-AAAF-727817D06FB4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24CA1A59-2681-4507-AC74-53BD481099B9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4283E433-7F8C-4410-B565-471415445811\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFB9FDE8-8533-4F65-BF32-4066D042B2F7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F80AB6FB-32FD-43D7-A9F1-80FA47696210\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA5389A-8AD1-476E-983A-54DF573C30F5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5B2E4C1-2627-4B9D-8E92-4B483F647651\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1B1A8F1-45B1-4E64-A254-7191FA93CB6D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83DA8BFA-D7A2-476C-A6F5-CAE610033BC2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"557ED31C-C26A-4FAE-8B14-D06B49F7F08B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11411BFD-3F4D-4309-AB35-A3629A360FB0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB2FFD26-8255-4351-8594-29D2AEFC06EF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E663DE91-C86D-48DC-B771-FA72A8DF7A7C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E10975-B47E-4F4D-8096-AEC7B7733612\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A90184B3-C82F-4CE5-B2AD-97D5E4690871\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40E40F42-632A-47DF-BE33-DC25B826310B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16C64136-89C2-443C-AF7B-BED81D3DE25A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBEF7F26-BB47-44BD-872E-130820557C23\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07DE6F63-2C7D-415B-8C34-01EC05C062F3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"182000E0-8204-4D8B-B7DE-B191AFE12E28\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F423E45D-A6DD-4305-9C6A-EAB26293E53A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDC208BC-7E19-48C6-A20E-A79A51B7362C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"102F91CD-DFB6-43D4-AE5B-DA157A696230\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E952A96A-0F48-4357-B7DD-1127D8827650\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"084D0191-563B-4FF0-B589-F35DA118E1C6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7DB6FC5-762A-4F16-AE8C-69330EFCF640\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F70D81F1-8B12-4474-9060-B4934D8A3873\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5394DE31-3863-4CA9-B7B1-E5227183100D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"968390BC-B430-4903-B614-13104BFAE635\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7349D69B-D8FA-4462-AA28-69DD18A652D9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE4BB834-2C00-4384-A78E-AF3BCDDC58AF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CE49B45-F2E9-491D-9C29-1B46E9CE14E2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BFAD21E-59EE-4CCE-8F1E-621D2EA50905\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91231DC6-2773-4238-8C14-A346F213B5E5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DF88547-BAF4-47B0-9F60-80A30297FCEB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02C3CE6D-BD54-48B1-A188-8E53DA001424\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"498991F7-39D6-428C-8C7D-DD8DC72A0346\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"113772B6-E9D2-4094-9468-3F4E1A87D07D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7B90D36-5124-4669-8462-4EAF35B0F53D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C45A38D6-BED6-4FEF-AD87-A1E813695DE0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1FC2B1F-232E-4754-8076-CC82F3648730\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F1127D2-12C0-454F-91EF-5EE334070D06\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D6EB963-E0F2-4A02-8765-AB2064BE19E9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"785FD17C-F32E-4042-9DDE-A89B3AAE0334\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEAAF99B-5406-4722-81FB-A91CBAC2DF41\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73DC1E93-561E-490C-AE0E-B02BAB9A7C8E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF467E2-4567-426E-8F48-39669E0F514C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63842B25-8C32-4988-BBBD-61E9CB09B4F3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68EA1FEF-B6B6-49FE-A0A4-5387F76303F8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40D6DB7F-C025-4971-9615-73393ED61078\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4364ADB9-8162-451D-806A-B98924E6B2CF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B53BCB42-ED61-4FCF-8068-CB467631C63C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"737C724A-B6CD-4FF7-96E0-EBBF645D660E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7067AEC7-DFC8-4437-9338-C5165D9A8F36\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E0371B-FDE2-473C-AA59-47E1269D050F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"489D11EC-5A18-4F32-BC7C-AC1FCEC27222\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71D4CF15-B293-4403-A1A9-96AD3933BAEF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBCC1515-2DBE-4DF2-8E83-29A869170F36\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BC5293E-F2B4-46DC-85DA-167EA323FCFD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7282AAFF-ED18-4992-AC12-D953C35EC328\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA022E77-6557-4A33-9A3A-D028E2DB669A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"360409CC-4172-4878-A76B-EA1C1F8C7A79\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8D5D5E2-B40B-475D-9EF3-8441016E37E9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63BE0266-1C00-4D6A-AD96-7F82532ABAA7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73F59A4B-AE92-4533-8EDC-D1DD850309FF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"492A2C86-DD38-466B-9965-77629A73814F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FB7AA46-4018-4925-963E-719E1037F759\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31B9D1E4-10B9-4B6F-B848-D93ABF6486D6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_a\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB270C45-756E-400A-979F-D07D750C881A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E8A085C-2DBA-4269-AB01-B16019FBB4DA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_b\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A79DD582-AF68-44F1-B640-766B46EF2BE2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B04484DA-AA59-4833-916E-6A8C96D34F0D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"768BE390-5ED5-48A7-9E80-C4DE8BA979B1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D07B5399-44C7-468D-9D57-BB5B5E26CE50\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDC2F709-AFBE-48EA-A3A2-DA1134534FB6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76FB64F-16F0-4B0B-B304-B46258D434BA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E02DC82-0D26-436F-BA64-73C958932B0A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E128053-834B-4DD5-A517-D14B4FC2B56F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"163743A1-09E7-4EC5-8ECA-79E4B9CE173B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE340E4C-DC48-4FC8-921B-EE304DB5AE0A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C367BBE0-D71F-4CB5-B50E-72B033E73FE1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85E1D224-4751-4233-A127-A041068C804A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD31B075-01B1-429E-83F4-B999356A0EB9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3284D16F-3275-4F8D-8AE4-D413DE19C4FA\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/10/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/10/7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/9\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/19/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/20/8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://blog.vespa.ai/cve-2023-44487/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1216123\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/Azure/AKS/issues/3947\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/Kong/kong/discussions/11741\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-vx74-f528-fxqg\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/akka/akka-http/issues/4323\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/alibaba/tengine/issues/1872\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/apisix/issues/10320\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd-site/pull/10\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/trafficserver/pull/10564\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/bcdannyboy/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/issues/5877\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/dotnet/announcements/issues/277\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://github.com/eclipse/jetty.project/issues/10679\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/envoyproxy/envoy/pull/30055\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/etcd-io/etcd/issues/16740\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/facebook/proxygen/pull/466\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/golang/go/issues/63417\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/grpc/grpc-go/pull/6703\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/grpc/grpc/releases/tag/v1.59.2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://github.com/h2o/h2o/pull/3291\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/haproxy/haproxy/issues/2312\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/junkurihara/rust-rpxy/issues/97\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/issues/93\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kubernetes/kubernetes/pull/121120\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/line/armeria/pull/5232\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/micrictor/http2-rst-stream\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/microsoft/CBL-Mariner/pull/6381\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/pull/1961\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ninenines/cowboy/issues/1615\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/nodejs/node/pull/50121\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/openresty/openresty/issues/930\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/opensearch-project/data-prepper/issues/3474\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/oqtane/oqtane.framework/discussions/3367\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/projectcontour/contour/pull/5826\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/tempesta-tech/tempesta/issues/1986\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/varnishcache/varnish-cache/issues/3996\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://istio.io/latest/news/security/istio-security-2023-004/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://my.f5.com/manage/s/article/K000137106\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://netty.io/news/2023/10/10/4-1-100-Final.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830987\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830998\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Press/Media Coverage\"]},{\"url\":\"https://news.ycombinator.com/item?id=37831062\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37837043\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20231016-0001/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240426-0007/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0007/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.paloaltonetworks.com/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://ubuntu.com/security/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5521\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5522\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5540\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5549\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5558\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5570\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/10/10/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/19/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/20/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/08/13/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://blog.vespa.ai/cve-2023-44487/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1216123\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/Azure/AKS/issues/3947\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/Kong/kong/discussions/11741\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-vx74-f528-fxqg\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/akka/akka-http/issues/4323\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/alibaba/tengine/issues/1872\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/apisix/issues/10320\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd-site/pull/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/trafficserver/pull/10564\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/bcdannyboy/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/issues/5877\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/dotnet/announcements/issues/277\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://github.com/eclipse/jetty.project/issues/10679\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/envoyproxy/envoy/pull/30055\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/etcd-io/etcd/issues/16740\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/facebook/proxygen/pull/466\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/golang/go/issues/63417\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/grpc/grpc-go/pull/6703\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/h2o/h2o/pull/3291\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/haproxy/haproxy/issues/2312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/junkurihara/rust-rpxy/issues/97\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/issues/93\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kubernetes/kubernetes/pull/121120\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/line/armeria/pull/5232\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/micrictor/http2-rst-stream\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/microsoft/CBL-Mariner/pull/6381\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/pull/1961\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ninenines/cowboy/issues/1615\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/nodejs/node/pull/50121\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/openresty/openresty/issues/930\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/opensearch-project/data-prepper/issues/3474\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/oqtane/oqtane.framework/discussions/3367\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/projectcontour/contour/pull/5826\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/tempesta-tech/tempesta/issues/1986\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/varnishcache/varnish-cache/issues/3996\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://istio.io/latest/news/security/istio-security-2023-004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://my.f5.com/manage/s/article/K000137106\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://netty.io/news/2023/10/10/4-1-100-Final.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830987\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830998\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Press/Media Coverage\"]},{\"url\":\"https://news.ycombinator.com/item?id=37831062\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37837043\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20231016-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240426-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.paloaltonetworks.com/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://ubuntu.com/security/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5521\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5522\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5540\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5549\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5558\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5570\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/10/10/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-341067.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-784301.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-832273.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-915275.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37831062\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/envoyproxy/envoy/pull/30055\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/haproxy/haproxy/issues/2312\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/eclipse/jetty.project/issues/10679\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/nghttp2/nghttp2/pull/1961\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/alibaba/tengine/issues/1872\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37830987\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37830998\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/caddyserver/caddy/issues/5877\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/bcdannyboy/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/grpc/grpc-go/pull/6703\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://my.f5.com/manage/s/article/K000137106\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/microsoft/CBL-Mariner/pull/6381\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/facebook/proxygen/pull/466\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/micrictor/http2-rst-stream\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/h2o/h2o/pull/3291\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/nodejs/node/pull/50121\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/dotnet/announcements/issues/277\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/golang/go/issues/63417\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-vx74-f528-fxqg\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/trafficserver/pull/10564\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/10/10/6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/opensearch-project/data-prepper/issues/3474\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/kubernetes/kubernetes/pull/121120\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/oqtane/oqtane.framework/discussions/3367\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://netty.io/news/2023/10/10/4-1-100-Final.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37837043\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/kazu-yamamoto/http2/issues/93\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5522\", \"name\": \"DSA-5522\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5521\", \"name\": \"DSA-5521\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/ninenines/cowboy/issues/1615\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/varnishcache/varnish-cache/issues/3996\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/tempesta-tech/tempesta/issues/1986\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.vespa.ai/cve-2023-44487/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/etcd-io/etcd/issues/16740\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://istio.io/latest/news/security/istio-security-2023-004/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/junkurihara/rust-rpxy/issues/97\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1216123\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/httpd-site/pull/10\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/projectcontour/contour/pull/5826\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/line/armeria/pull/5232\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.paloaltonetworks.com/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/akka/akka-http/issues/4323\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/openresty/openresty/issues/930\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/apisix/issues/10320\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/Azure/AKS/issues/3947\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/Kong/kong/discussions/11741\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\", \"name\": \"[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/4\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/9\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\", \"name\": \"FEDORA-2023-ed2642fd58\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20231016-0001/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/4\", \"name\": \"[oss-security] 20231018 Vulnerability in Jenkins\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/8\", \"name\": \"[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/19/6\", \"name\": \"[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\", \"name\": \"FEDORA-2023-54fadada12\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\", \"name\": \"FEDORA-2023-5ff7bf1dd8\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/20/8\", \"name\": \"[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\", \"name\": \"FEDORA-2023-17efd3f2cd\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\", \"name\": \"FEDORA-2023-d5030c983c\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\", \"name\": \"FEDORA-2023-0259c3f26f\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\", \"name\": \"FEDORA-2023-2a9214af5f\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\", \"name\": \"FEDORA-2023-e9c04d81c1\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\", \"name\": \"FEDORA-2023-f66fc0f62a\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\", \"name\": \"FEDORA-2023-4d2fd884ea\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\", \"name\": \"FEDORA-2023-b2c50535cb\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\", \"name\": \"FEDORA-2023-fe53e13b5b\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\", \"name\": \"FEDORA-2023-4bf641255e\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\", \"name\": \"[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5540\", \"name\": \"DSA-5540\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\", \"name\": \"[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\", \"name\": \"FEDORA-2023-1caffb88af\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\", \"name\": \"FEDORA-2023-3f70b8d406\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\", \"name\": \"FEDORA-2023-7b52921cae\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\", \"name\": \"FEDORA-2023-7934802344\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\", \"name\": \"FEDORA-2023-dbe64661af\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\", \"name\": \"FEDORA-2023-822aab0a5a\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\", \"name\": \"[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5549\", \"name\": \"DSA-5549\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\", \"name\": \"FEDORA-2023-c0c6a91330\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\", \"name\": \"FEDORA-2023-492b7be466\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5558\", \"name\": \"DSA-5558\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\", \"name\": \"[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\", \"name\": \"GLSA-202311-09\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5570\", \"name\": \"DSA-5570\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240426-0007/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0007/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2025/08/13/6\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T21:08:27.383Z\"}}, {\"affected\": [{\"vendor\": \"Siemens\", \"product\": \"RUGGEDCOM APE1808\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SINEC NMS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"x_adpType\": \"supplier\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-832273.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-341067.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-784301.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-915275.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\"}], \"providerMetadata\": {\"orgId\": \"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\", \"shortName\": \"siemens-SADP\", \"dateUpdated\": \"2026-05-12T10:52:23.784Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-44487\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-23T20:34:21.334116Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2023-10-10\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*\"], \"vendor\": \"ietf\", \"product\": \"http\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0\"}], \"defaultStatus\": \"unknown\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2023-10-10T00:00:00.000Z\", \"value\": \"CVE-2023-44487 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-16T18:31:22.372Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\"}, {\"url\": \"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\"}, {\"url\": \"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\"}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\"}, {\"url\": \"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\"}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\"}, {\"url\": \"https://news.ycombinator.com/item?id=37831062\"}, {\"url\": \"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\"}, {\"url\": \"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\"}, {\"url\": \"https://github.com/envoyproxy/envoy/pull/30055\"}, {\"url\": \"https://github.com/haproxy/haproxy/issues/2312\"}, {\"url\": \"https://github.com/eclipse/jetty.project/issues/10679\"}, {\"url\": \"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\"}, {\"url\": \"https://github.com/nghttp2/nghttp2/pull/1961\"}, {\"url\": \"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\"}, {\"url\": \"https://github.com/alibaba/tengine/issues/1872\"}, {\"url\": \"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\"}, {\"url\": \"https://news.ycombinator.com/item?id=37830987\"}, {\"url\": \"https://news.ycombinator.com/item?id=37830998\"}, {\"url\": \"https://github.com/caddyserver/caddy/issues/5877\"}, {\"url\": \"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\"}, {\"url\": \"https://github.com/bcdannyboy/CVE-2023-44487\"}, {\"url\": \"https://github.com/grpc/grpc-go/pull/6703\"}, {\"url\": \"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\"}, {\"url\": \"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\"}, {\"url\": \"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\"}, {\"url\": \"https://my.f5.com/manage/s/article/K000137106\"}, {\"url\": \"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\"}, {\"url\": \"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\"}, {\"url\": \"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/10/7\", \"name\": \"[oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/10/6\", \"name\": \"[oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\"}, {\"url\": \"https://github.com/microsoft/CBL-Mariner/pull/6381\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\"}, {\"url\": \"https://github.com/facebook/proxygen/pull/466\"}, {\"url\": \"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\"}, {\"url\": \"https://github.com/micrictor/http2-rst-stream\"}, {\"url\": \"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\"}, {\"url\": \"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\"}, {\"url\": \"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\"}, {\"url\": \"https://github.com/h2o/h2o/pull/3291\"}, {\"url\": \"https://github.com/nodejs/node/pull/50121\"}, {\"url\": \"https://github.com/dotnet/announcements/issues/277\"}, {\"url\": \"https://github.com/golang/go/issues/63417\"}, {\"url\": \"https://github.com/advisories/GHSA-vx74-f528-fxqg\"}, {\"url\": \"https://github.com/apache/trafficserver/pull/10564\"}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\"}, {\"url\": \"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\"}, {\"url\": \"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/10/10/6\"}, {\"url\": \"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\"}, {\"url\": \"https://github.com/opensearch-project/data-prepper/issues/3474\"}, {\"url\": \"https://github.com/kubernetes/kubernetes/pull/121120\"}, {\"url\": \"https://github.com/oqtane/oqtane.framework/discussions/3367\"}, {\"url\": \"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\"}, {\"url\": \"https://netty.io/news/2023/10/10/4-1-100-Final.html\"}, {\"url\": \"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\"}, {\"url\": \"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\"}, {\"url\": \"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\"}, {\"url\": \"https://news.ycombinator.com/item?id=37837043\"}, {\"url\": \"https://github.com/kazu-yamamoto/http2/issues/93\"}, {\"url\": \"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\"}, {\"url\": \"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\"}, {\"url\": \"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\"}, {\"url\": \"https://www.debian.org/security/2023/dsa-5522\", \"name\": \"DSA-5522\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5521\", \"name\": \"DSA-5521\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-44487\"}, {\"url\": \"https://github.com/ninenines/cowboy/issues/1615\"}, {\"url\": \"https://github.com/varnishcache/varnish-cache/issues/3996\"}, {\"url\": \"https://github.com/tempesta-tech/tempesta/issues/1986\"}, {\"url\": \"https://blog.vespa.ai/cve-2023-44487/\"}, {\"url\": \"https://github.com/etcd-io/etcd/issues/16740\"}, {\"url\": \"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\"}, {\"url\": \"https://istio.io/latest/news/security/istio-security-2023-004/\"}, {\"url\": \"https://github.com/junkurihara/rust-rpxy/issues/97\"}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1216123\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\"}, {\"url\": \"https://ubuntu.com/security/CVE-2023-44487\"}, {\"url\": \"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\"}, {\"url\": \"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\"}, {\"url\": \"https://github.com/apache/httpd-site/pull/10\"}, {\"url\": \"https://github.com/projectcontour/contour/pull/5826\"}, {\"url\": \"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\"}, {\"url\": \"https://github.com/line/armeria/pull/5232\"}, {\"url\": \"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\"}, {\"url\": \"https://security.paloaltonetworks.com/CVE-2023-44487\"}, {\"url\": \"https://github.com/akka/akka-http/issues/4323\"}, {\"url\": \"https://github.com/openresty/openresty/issues/930\"}, {\"url\": \"https://github.com/apache/apisix/issues/10320\"}, {\"url\": \"https://github.com/Azure/AKS/issues/3947\"}, {\"url\": \"https://github.com/Kong/kong/discussions/11741\"}, {\"url\": \"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\"}, {\"url\": \"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\"}, {\"url\": \"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\", \"name\": \"[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/4\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/9\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\"}, {\"url\": \"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\", \"name\": \"FEDORA-2023-ed2642fd58\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20231016-0001/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/4\", \"name\": \"[oss-security] 20231018 Vulnerability in Jenkins\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/8\", \"name\": \"[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/19/6\", \"name\": \"[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\", \"name\": \"FEDORA-2023-54fadada12\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\", \"name\": \"FEDORA-2023-5ff7bf1dd8\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/20/8\", \"name\": \"[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\", \"name\": \"FEDORA-2023-17efd3f2cd\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\", \"name\": \"FEDORA-2023-d5030c983c\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\", \"name\": \"FEDORA-2023-0259c3f26f\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\", \"name\": \"FEDORA-2023-2a9214af5f\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\", \"name\": \"FEDORA-2023-e9c04d81c1\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\", \"name\": \"FEDORA-2023-f66fc0f62a\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\", \"name\": \"FEDORA-2023-4d2fd884ea\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\", \"name\": \"FEDORA-2023-b2c50535cb\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\", \"name\": \"FEDORA-2023-fe53e13b5b\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\", \"name\": \"FEDORA-2023-4bf641255e\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\", \"name\": \"[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5540\", \"name\": \"DSA-5540\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\", \"name\": \"[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\", \"name\": \"FEDORA-2023-1caffb88af\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\", \"name\": \"FEDORA-2023-3f70b8d406\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\", \"name\": \"FEDORA-2023-7b52921cae\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\", \"name\": \"FEDORA-2023-7934802344\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\", \"name\": \"FEDORA-2023-dbe64661af\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\", \"name\": \"FEDORA-2023-822aab0a5a\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\", \"name\": \"[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5549\", \"name\": \"DSA-5549\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\", \"name\": \"FEDORA-2023-c0c6a91330\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\", \"name\": \"FEDORA-2023-492b7be466\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5558\", \"name\": \"DSA-5558\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\", \"name\": \"[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\", \"name\": \"GLSA-202311-09\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5570\", \"name\": \"DSA-5570\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240426-0007/\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0007/\"}, {\"url\": \"https://github.com/grpc/grpc/releases/tag/v1.59.2\"}, {\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2025-06-07T20:05:34.376Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-44487\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-12T10:52:23.784Z\", \"dateReserved\": \"2023-09-29T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2023-10-10T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
WID-SEC-W-2024-0108
Vulnerability from csaf_certbund - Published: 2024-01-16 23:00 - Updated: 2024-01-16 23:00In Oracle Commerce existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Commerce 11.3.2
Oracle
|
cpe:/a:oracle:commerce:11.3.2
|
— |
In Oracle Commerce existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Commerce 11.3.2
Oracle
|
cpe:/a:oracle:commerce:11.3.2
|
— |
In Oracle Commerce existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Commerce 11.3.2
Oracle
|
cpe:/a:oracle:commerce:11.3.2
|
— |
In Oracle Commerce existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Commerce 11.3.2
Oracle
|
cpe:/a:oracle:commerce:11.3.2
|
— |
In Oracle Commerce existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Commerce 11.3.2
Oracle
|
cpe:/a:oracle:commerce:11.3.2
|
— |
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Commerce ist eine elektronische Handelsplattform.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Commerce ausnutzen, um die Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0108 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0108.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0108 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0108"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2024 - Appendix Oracle Commerce vom 2024-01-16",
"url": "https://www.oracle.com/security-alerts/cpujan2024.html#AppendixOCOM"
}
],
"source_lang": "en-US",
"title": "Oracle Commerce: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-01-16T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:03:44.679+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-0108",
"initial_release_date": "2024-01-16T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-01-16T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Commerce 11.3.2",
"product": {
"name": "Oracle Commerce 11.3.2",
"product_id": "T018933",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:commerce:11.3.2"
}
}
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5072",
"notes": [
{
"category": "description",
"text": "In Oracle Commerce existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T018933"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-5072"
},
{
"cve": "CVE-2023-46589",
"notes": [
{
"category": "description",
"text": "In Oracle Commerce existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T018933"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-46589"
},
{
"cve": "CVE-2023-44487",
"notes": [
{
"category": "description",
"text": "In Oracle Commerce existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T018933"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2022-40152",
"notes": [
{
"category": "description",
"text": "In Oracle Commerce existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T018933"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2022-40152"
},
{
"cve": "CVE-2022-33879",
"notes": [
{
"category": "description",
"text": "In Oracle Commerce existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T018933"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2022-33879"
}
]
}
WID-SEC-W-2024-0115
Vulnerability from csaf_certbund - Published: 2024-01-16 23:00 - Updated: 2025-02-24 23:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Supply Chain <6.2.4.2
Oracle / Supply Chain
|
<6.2.4.2 | ||
|
Oracle Supply Chain 9.3.6
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:9.3.6
|
9.3.6 | |
|
Oracle Supply Chain 11.5
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:11.5
|
11.5 | |
|
Oracle Supply Chain 12.1
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:12.1
|
12.1 | |
|
Oracle Supply Chain 12.2
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:12.2
|
12.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Supply Chain <6.2.4.2
Oracle / Supply Chain
|
<6.2.4.2 | ||
|
Oracle Supply Chain 9.3.6
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:9.3.6
|
9.3.6 | |
|
Oracle Supply Chain 11.5
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:11.5
|
11.5 | |
|
Oracle Supply Chain 12.1
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:12.1
|
12.1 | |
|
Oracle Supply Chain 12.2
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:12.2
|
12.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Supply Chain <6.2.4.2
Oracle / Supply Chain
|
<6.2.4.2 | ||
|
Oracle Supply Chain 9.3.6
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:9.3.6
|
9.3.6 | |
|
Oracle Supply Chain 11.5
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:11.5
|
11.5 | |
|
Oracle Supply Chain 12.1
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:12.1
|
12.1 | |
|
Oracle Supply Chain 12.2
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:12.2
|
12.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Supply Chain <6.2.4.2
Oracle / Supply Chain
|
<6.2.4.2 | ||
|
Oracle Supply Chain 9.3.6
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:9.3.6
|
9.3.6 | |
|
Oracle Supply Chain 11.5
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:11.5
|
11.5 | |
|
Oracle Supply Chain 12.1
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:12.1
|
12.1 | |
|
Oracle Supply Chain 12.2
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:12.2
|
12.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Supply Chain <6.2.4.2
Oracle / Supply Chain
|
<6.2.4.2 | ||
|
Oracle Supply Chain 9.3.6
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:9.3.6
|
9.3.6 | |
|
Oracle Supply Chain 11.5
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:11.5
|
11.5 | |
|
Oracle Supply Chain 12.1
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:12.1
|
12.1 | |
|
Oracle Supply Chain 12.2
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:12.2
|
12.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Supply Chain <6.2.4.2
Oracle / Supply Chain
|
<6.2.4.2 | ||
|
Oracle Supply Chain 9.3.6
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:9.3.6
|
9.3.6 | |
|
Oracle Supply Chain 11.5
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:11.5
|
11.5 | |
|
Oracle Supply Chain 12.1
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:12.1
|
12.1 | |
|
Oracle Supply Chain 12.2
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:12.2
|
12.2 |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Oracle Supply Chain ist eine Sammlung von Applikationen f\u00fcr verschiedene Zwecke.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Supply Chain ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0115 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0115.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0115 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0115"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2024 - Appendix Oracle Supply Chain vom 2024-01-16",
"url": "https://www.oracle.com/security-alerts/cpujan2024.html#AppendixSCP"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6683-1 vom 2024-03-07",
"url": "https://ubuntu.com/security/notices/USN-6683-1"
},
{
"category": "external",
"summary": "CISA Known Exploited Vulnerabilities Catalog vom 2025-02-24",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"source_lang": "en-US",
"title": "Oracle Supply Chain: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-02-24T23:00:00.000+00:00",
"generator": {
"date": "2025-02-25T09:12:06.370+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2024-0115",
"initial_release_date": "2024-01-16T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-01-16T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-03-07T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-02-24T23:00:00.000+00:00",
"number": "3",
"summary": "CVE-2024-20953 wird ausgenutzt"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9.3.6",
"product": {
"name": "Oracle Supply Chain 9.3.6",
"product_id": "T019052",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:9.3.6"
}
}
},
{
"category": "product_version",
"name": "12.1",
"product": {
"name": "Oracle Supply Chain 12.1",
"product_id": "T019054",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:12.1"
}
}
},
{
"category": "product_version",
"name": "12.2",
"product": {
"name": "Oracle Supply Chain 12.2",
"product_id": "T019055",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:12.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.2.4.2",
"product": {
"name": "Oracle Supply Chain \u003c6.2.4.2",
"product_id": "T032129"
}
},
{
"category": "product_version",
"name": "6.2.4.2",
"product": {
"name": "Oracle Supply Chain 6.2.4.2",
"product_id": "T032129-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:6.2.4.2"
}
}
},
{
"category": "product_version",
"name": "11.5",
"product": {
"name": "Oracle Supply Chain 11.5",
"product_id": "T032130",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:11.5"
}
}
}
],
"category": "product_name",
"name": "Supply Chain"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2976",
"product_status": {
"known_affected": [
"T000126",
"T032129",
"T019052",
"T032130",
"T019054",
"T019055"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-2976"
},
{
"cve": "CVE-2023-34624",
"product_status": {
"known_affected": [
"T000126",
"T032129",
"T019052",
"T032130",
"T019054",
"T019055"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-34624"
},
{
"cve": "CVE-2023-44487",
"product_status": {
"known_affected": [
"T000126",
"T032129",
"T019052",
"T032130",
"T019054",
"T019055"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2024-20942",
"product_status": {
"known_affected": [
"T000126",
"T032129",
"T019052",
"T032130",
"T019054",
"T019055"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20942"
},
{
"cve": "CVE-2024-20953",
"product_status": {
"known_affected": [
"T000126",
"T032129",
"T019052",
"T032130",
"T019054",
"T019055"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20953"
},
{
"cve": "CVE-2024-20956",
"product_status": {
"known_affected": [
"T000126",
"T032129",
"T019052",
"T032130",
"T019054",
"T019055"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20956"
}
]
}
WID-SEC-W-2024-0116
Vulnerability from csaf_certbund - Published: 2024-01-16 23:00 - Updated: 2024-01-16 23:00In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Siebel CRM ist eine CRM-L\u00f6sung von Oracle.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Siebel CRM ausnutzen, um die Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0116 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0116.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0116 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0116"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2024 - Appendix Oracle Siebel CRM vom 2024-01-16",
"url": "https://www.oracle.com/security-alerts/cpujan2024.html#AppendixSECR"
}
],
"source_lang": "en-US",
"title": "Oracle Siebel CRM: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-01-16T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:03:46.701+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-0116",
"initial_release_date": "2024-01-16T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-01-16T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Siebel CRM \u003c 23.8",
"product": {
"name": "Oracle Siebel CRM \u003c 23.8",
"product_id": "T030617",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:siebel_crm:23.8"
}
}
},
{
"category": "product_name",
"name": "Oracle Siebel CRM \u003c 23.12",
"product": {
"name": "Oracle Siebel CRM \u003c 23.12",
"product_id": "T032128",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:siebel_crm:23.12"
}
}
}
],
"category": "product_name",
"name": "Siebel CRM"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44487",
"notes": [
{
"category": "description",
"text": "In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-1436",
"notes": [
{
"category": "description",
"text": "In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-1436"
}
]
}
WID-SEC-W-2024-0117
Vulnerability from csaf_certbund - Published: 2024-01-16 23:00 - Updated: 2024-01-16 23:00In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.0.0.8
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.0.8
|
— | |
|
Oracle Retail Applications 18.0.0.14
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:18.0.0.14
|
— | |
|
Oracle Retail Applications 20.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.1
|
— | |
|
Oracle Retail Applications 15.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:15.0.3
|
— | |
|
Oracle Retail Applications 16.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications <= 23.0.0
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.0
|
— |
In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.0.0.8
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.0.8
|
— | |
|
Oracle Retail Applications 18.0.0.14
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:18.0.0.14
|
— | |
|
Oracle Retail Applications 20.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.1
|
— | |
|
Oracle Retail Applications 15.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:15.0.3
|
— | |
|
Oracle Retail Applications 16.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications <= 23.0.0
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.0
|
— |
In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.0.0.8
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.0.8
|
— | |
|
Oracle Retail Applications 18.0.0.14
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:18.0.0.14
|
— | |
|
Oracle Retail Applications 20.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.1
|
— | |
|
Oracle Retail Applications 15.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:15.0.3
|
— | |
|
Oracle Retail Applications 16.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications <= 23.0.0
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.0
|
— |
In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.0.0.8
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.0.8
|
— | |
|
Oracle Retail Applications 18.0.0.14
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:18.0.0.14
|
— | |
|
Oracle Retail Applications 20.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.1
|
— | |
|
Oracle Retail Applications 15.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:15.0.3
|
— | |
|
Oracle Retail Applications 16.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications <= 23.0.0
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.0
|
— |
In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.0.0.8
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.0.8
|
— | |
|
Oracle Retail Applications 18.0.0.14
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:18.0.0.14
|
— | |
|
Oracle Retail Applications 20.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.1
|
— | |
|
Oracle Retail Applications 15.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:15.0.3
|
— | |
|
Oracle Retail Applications 16.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications <= 23.0.0
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.0
|
— |
In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.0.0.8
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.0.8
|
— | |
|
Oracle Retail Applications 18.0.0.14
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:18.0.0.14
|
— | |
|
Oracle Retail Applications 20.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.1
|
— | |
|
Oracle Retail Applications 15.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:15.0.3
|
— | |
|
Oracle Retail Applications 16.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications <= 23.0.0
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.0
|
— |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Retail Applications ist eine Sammlung von Produkten zur Unterst\u00fctzung u. a. von Handelsfirmen und der Gastronomie.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Retail Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0117 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0117.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0117 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0117"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2024 - Appendix Oracle Retail Applications vom 2024-01-16",
"url": "https://www.oracle.com/security-alerts/cpujan2024.html#AppendixRAPP"
}
],
"source_lang": "en-US",
"title": "Oracle Retail Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-01-16T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:03:46.978+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-0117",
"initial_release_date": "2024-01-16T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-01-16T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Retail Applications 16.0.3",
"product": {
"name": "Oracle Retail Applications 16.0.3",
"product_id": "T019034",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:16.0.3"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 20.0.1",
"product": {
"name": "Oracle Retail Applications 20.0.1",
"product_id": "T019911",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:20.0.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 15.0.3",
"product": {
"name": "Oracle Retail Applications 15.0.3",
"product_id": "T020721",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:15.0.3"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 18.0.0.14",
"product": {
"name": "Oracle Retail Applications 18.0.0.14",
"product_id": "T032125",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:18.0.0.14"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 19.0.0.8",
"product": {
"name": "Oracle Retail Applications 19.0.0.8",
"product_id": "T032126",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:19.0.0.8"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications \u003c= 23.0.0",
"product": {
"name": "Oracle Retail Applications \u003c= 23.0.0",
"product_id": "T032127",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:23.0.0"
}
}
}
],
"category": "product_name",
"name": "Retail Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44487",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T032126",
"T032125",
"T019911",
"T020721",
"T019034"
],
"last_affected": [
"T032127"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-35887",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T032126",
"T032125",
"T019911",
"T020721",
"T019034"
],
"last_affected": [
"T032127"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-35887"
},
{
"cve": "CVE-2023-24998",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T032126",
"T032125",
"T019911",
"T020721",
"T019034"
],
"last_affected": [
"T032127"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-24998"
},
{
"cve": "CVE-2022-42920",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T032126",
"T032125",
"T019911",
"T020721",
"T019034"
],
"last_affected": [
"T032127"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2022-42920"
},
{
"cve": "CVE-2021-41182",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T032126",
"T032125",
"T019911",
"T020721",
"T019034"
],
"last_affected": [
"T032127"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2021-41182"
},
{
"cve": "CVE-2020-26870",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T032126",
"T032125",
"T019911",
"T020721",
"T019034"
],
"last_affected": [
"T032127"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2020-26870"
}
]
}
WID-SEC-W-2024-0118
Vulnerability from csaf_certbund - Published: 2024-01-16 23:00 - Updated: 2024-01-16 23:00In Oracle PeopleSoft existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL-HOCH" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
— | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
— | |
|
Oracle PeopleSoft 8.59
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.59
|
— |
In Oracle PeopleSoft existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL-HOCH" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
— | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
— | |
|
Oracle PeopleSoft 8.59
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.59
|
— |
In Oracle PeopleSoft existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL-HOCH" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
— | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
— | |
|
Oracle PeopleSoft 8.59
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.59
|
— |
In Oracle PeopleSoft existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL-HOCH" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
— | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
— | |
|
Oracle PeopleSoft 8.59
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.59
|
— |
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle PeopleSoft ist eine ERP Anwendung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle PeopleSoft ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0118 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0118.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0118 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0118"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2024 - Appendix Oracle PeopleSoft vom 2024-01-16",
"url": "https://www.oracle.com/security-alerts/cpujan2024.html#AppendixPS"
}
],
"source_lang": "en-US",
"title": "Oracle PeopleSoft: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-01-16T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:03:47.267+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-0118",
"initial_release_date": "2024-01-16T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-01-16T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle PeopleSoft 8.59",
"product": {
"name": "Oracle PeopleSoft 8.59",
"product_id": "T019905",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:peoplesoft:8.59"
}
}
},
{
"category": "product_name",
"name": "Oracle PeopleSoft 8.60",
"product": {
"name": "Oracle PeopleSoft 8.60",
"product_id": "T025008",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:peoplesoft:8.60"
}
}
},
{
"category": "product_name",
"name": "Oracle PeopleSoft 8.61",
"product": {
"name": "Oracle PeopleSoft 8.61",
"product_id": "T032124",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:peoplesoft:8.61"
}
}
}
],
"category": "product_name",
"name": "PeopleSoft"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5072",
"notes": [
{
"category": "description",
"text": "In Oracle PeopleSoft existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL-HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019905"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-5072"
},
{
"cve": "CVE-2023-44487",
"notes": [
{
"category": "description",
"text": "In Oracle PeopleSoft existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL-HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019905"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-44483",
"notes": [
{
"category": "description",
"text": "In Oracle PeopleSoft existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL-HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019905"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-44483"
},
{
"cve": "CVE-2023-2976",
"notes": [
{
"category": "description",
"text": "In Oracle PeopleSoft existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL-HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019905"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-2976"
}
]
}
WID-SEC-W-2024-0121
Vulnerability from csaf_certbund - Published: 2024-01-16 23:00 - Updated: 2025-09-29 22:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1
|
8.2.1 | |
|
Dell NetWorker Runtime Environment <8.0.20
Dell / NetWorker
|
Runtime Environment <8.0.20 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Storage Insights
IBM
|
cpe:/a:ibm:storage_insights:-
|
— | |
|
IBM MQ <9.2.0.25
IBM / MQ
|
<9.2.0.25 | ||
|
Amazon Corretto <8.402.06.1
Amazon / Corretto
|
<8.402.06.1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM Rational Business Developer 9.6
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.6
|
9.6 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
SolarWinds Security Event Manager <2024.2
SolarWinds / Security Event Manager
|
<2024.2 | ||
|
IBM MQ <9.3.0.17
IBM / MQ
|
<9.3.0.17 | ||
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
Amazon Corretto 11.0.22.7.1
Amazon / Corretto
|
cpe:/a:amazon:corretto:11.0.22.7.1
|
11.0.22.7.1 | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer 9.7
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.7
|
9.7 | |
|
Dell NetWorker Runtime Environment (NRE) 8.0.19
Dell / NetWorker
|
cpe:/a:dell:networker:runtime_environment_8.0.19
|
Runtime Environment (NRE) 8.0.19 | |
|
Oracle Java SE 22.3.4
Oracle / Java SE
|
cpe:/a:oracle:java_se:22.3.4
|
22.3.4 | |
|
Oracle Java SE 11.0.21
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.21
|
11.0.21 | |
|
Oracle Java SE 21.3.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.3.8
|
21.3.8 | |
|
IBM InfoSphere Information Server
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
Oracle Java SE 17.0.9
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.9
|
17.0.9 | |
|
IBM VIOS 3.1
IBM / VIOS
|
cpe:/a:ibm:vios:3.1
|
3.1 | |
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
IBM Storage Scale 5.1.0.0-5.1.9.2
IBM / Storage Scale
|
cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2
|
5.1.0.0-5.1.9.2 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
IBM Java <7.1.5.21
IBM / Java
|
<7.1.5.21 | ||
|
IBM Java <8.0.8.20
IBM / Java
|
<8.0.8.20 | ||
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Kyocera Printer
Kyocera
|
cpe:/h:kyocera:printer:-
|
— | |
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM WebSphere Service Registry and Repository 8.5
IBM / WebSphere Service Registry and Repository
|
cpe:/a:ibm:websphere_service_registry_and_repository:8.5
|
8.5 | |
|
IBM DB2 11.5
IBM / DB2
|
cpe:/a:ibm:db2:11.5
|
11.5 | |
|
IBM TXSeries for multiplatforms_8.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.1
|
for multiplatforms_8.1 | |
|
IBM DB2 11.1
IBM / DB2
|
cpe:/a:ibm:db2:11.1
|
11.1 | |
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM TXSeries for multiplatforms_8.2
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.2
|
for multiplatforms_8.2 | |
|
Oracle Java SE 21.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.1
|
21.0.1 | |
|
IBM TXSeries for multiplatforms_9.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_9.1
|
for multiplatforms_9.1 | |
|
Oracle GraalVM Enterprise Edition 21.3.8
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.8::enterprise_edition
|
Enterprise Edition 21.3.8 | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
IBM Business Automation Workflow <23.0.2-IF003
IBM / Business Automation Workflow
|
<23.0.2-IF003 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM Rational Business Developer 9.1
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.1
|
9.1 | |
|
IBM InfoSphere Identity Insight 10.0.0.0
IBM / InfoSphere Identity Insight
|
cpe:/a:ibm:infosphere_identity_insight:10.0.0.0
|
10.0.0.0 | |
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Dell ECS <3.8.1.1
Dell / ECS
|
<3.8.1.1 | ||
|
Oracle GraalVM for JDK 21.0.1
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.1::for_jdk
|
for JDK 21.0.1 | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
Oracle Java SE 8u391
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u391
|
8u391 | |
|
Oracle GraalVM for JDK 17.0.9
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.9::for_jdk
|
for JDK 17.0.9 | |
|
Oracle GraalVM Enterprise Edition 20.3.12
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:20.3.12::enterprise_edition
|
Enterprise Edition 20.3.12 | |
|
IBM App Connect Enterprise <12.0.11.2
IBM / App Connect Enterprise
|
<12.0.11.2 | ||
|
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7
IBM / Tivoli Monitoring
|
for Virtual Environments Base <7.3.7 | ||
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
HCL BigFix Compliance <2.0.11
HCL / BigFix
|
Compliance <2.0.11 | ||
|
IBM Tivoli Monitoring 6.3.0.7
IBM / Tivoli Monitoring
|
cpe:/a:ibm:tivoli_monitoring:6.3.0.7
|
6.3.0.7 | |
|
IBM MQ
IBM / MQ
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM Power Hardware Management Console v10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
v10 | |
|
IBM MQ <9.3.5.1
IBM / MQ
|
<9.3.5.1 | ||
|
Amazon Corretto <8.402.08.1
Amazon / Corretto
|
<8.402.08.1 | ||
|
IBM Tivoli Network Manager <4.2.0.19
IBM / Tivoli Network Manager
|
<4.2.0.19 | ||
|
IBM Tivoli Netcool/OMNIbus <8.1.0.32
IBM / Tivoli Netcool/OMNIbus
|
<8.1.0.32 | ||
|
IBM MQ <9.1.0.21
IBM / MQ
|
<9.1.0.21 | ||
|
IBM MQ <9.0.0.24
IBM / MQ
|
<9.0.0.24 | ||
|
IBM DB2 10.5
IBM / DB2
|
cpe:/a:ibm:db2:10.5
|
10.5 | |
|
IBM Security Guardium 10.6
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.6
|
10.6 | |
|
IBM App Connect Enterprise <=11.0.0.24
IBM / App Connect Enterprise
|
<=11.0.0.24 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2
|
8.2.2 | |
|
Broadcom Brocade SANnav
Broadcom
|
cpe:/a:broadcom:brocade_sannav:-
|
— | |
|
IBM Business Automation Workflow <21.0.3-IF031
IBM / Business Automation Workflow
|
<21.0.3-IF031 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1
|
8.2.1 | |
|
Dell NetWorker Runtime Environment <8.0.20
Dell / NetWorker
|
Runtime Environment <8.0.20 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Storage Insights
IBM
|
cpe:/a:ibm:storage_insights:-
|
— | |
|
IBM MQ <9.2.0.25
IBM / MQ
|
<9.2.0.25 | ||
|
Amazon Corretto <8.402.06.1
Amazon / Corretto
|
<8.402.06.1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM Rational Business Developer 9.6
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.6
|
9.6 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
SolarWinds Security Event Manager <2024.2
SolarWinds / Security Event Manager
|
<2024.2 | ||
|
IBM MQ <9.3.0.17
IBM / MQ
|
<9.3.0.17 | ||
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
Amazon Corretto 11.0.22.7.1
Amazon / Corretto
|
cpe:/a:amazon:corretto:11.0.22.7.1
|
11.0.22.7.1 | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer 9.7
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.7
|
9.7 | |
|
Dell NetWorker Runtime Environment (NRE) 8.0.19
Dell / NetWorker
|
cpe:/a:dell:networker:runtime_environment_8.0.19
|
Runtime Environment (NRE) 8.0.19 | |
|
Oracle Java SE 22.3.4
Oracle / Java SE
|
cpe:/a:oracle:java_se:22.3.4
|
22.3.4 | |
|
Oracle Java SE 11.0.21
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.21
|
11.0.21 | |
|
Oracle Java SE 21.3.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.3.8
|
21.3.8 | |
|
IBM InfoSphere Information Server
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
Oracle Java SE 17.0.9
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.9
|
17.0.9 | |
|
IBM VIOS 3.1
IBM / VIOS
|
cpe:/a:ibm:vios:3.1
|
3.1 | |
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
IBM Storage Scale 5.1.0.0-5.1.9.2
IBM / Storage Scale
|
cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2
|
5.1.0.0-5.1.9.2 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
IBM Java <7.1.5.21
IBM / Java
|
<7.1.5.21 | ||
|
IBM Java <8.0.8.20
IBM / Java
|
<8.0.8.20 | ||
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Kyocera Printer
Kyocera
|
cpe:/h:kyocera:printer:-
|
— | |
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM WebSphere Service Registry and Repository 8.5
IBM / WebSphere Service Registry and Repository
|
cpe:/a:ibm:websphere_service_registry_and_repository:8.5
|
8.5 | |
|
IBM DB2 11.5
IBM / DB2
|
cpe:/a:ibm:db2:11.5
|
11.5 | |
|
IBM TXSeries for multiplatforms_8.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.1
|
for multiplatforms_8.1 | |
|
IBM DB2 11.1
IBM / DB2
|
cpe:/a:ibm:db2:11.1
|
11.1 | |
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM TXSeries for multiplatforms_8.2
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.2
|
for multiplatforms_8.2 | |
|
Oracle Java SE 21.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.1
|
21.0.1 | |
|
IBM TXSeries for multiplatforms_9.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_9.1
|
for multiplatforms_9.1 | |
|
Oracle GraalVM Enterprise Edition 21.3.8
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.8::enterprise_edition
|
Enterprise Edition 21.3.8 | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
IBM Business Automation Workflow <23.0.2-IF003
IBM / Business Automation Workflow
|
<23.0.2-IF003 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM Rational Business Developer 9.1
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.1
|
9.1 | |
|
IBM InfoSphere Identity Insight 10.0.0.0
IBM / InfoSphere Identity Insight
|
cpe:/a:ibm:infosphere_identity_insight:10.0.0.0
|
10.0.0.0 | |
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Dell ECS <3.8.1.1
Dell / ECS
|
<3.8.1.1 | ||
|
Oracle GraalVM for JDK 21.0.1
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.1::for_jdk
|
for JDK 21.0.1 | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
Oracle Java SE 8u391
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u391
|
8u391 | |
|
Oracle GraalVM for JDK 17.0.9
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.9::for_jdk
|
for JDK 17.0.9 | |
|
Oracle GraalVM Enterprise Edition 20.3.12
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:20.3.12::enterprise_edition
|
Enterprise Edition 20.3.12 | |
|
IBM App Connect Enterprise <12.0.11.2
IBM / App Connect Enterprise
|
<12.0.11.2 | ||
|
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7
IBM / Tivoli Monitoring
|
for Virtual Environments Base <7.3.7 | ||
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
HCL BigFix Compliance <2.0.11
HCL / BigFix
|
Compliance <2.0.11 | ||
|
IBM Tivoli Monitoring 6.3.0.7
IBM / Tivoli Monitoring
|
cpe:/a:ibm:tivoli_monitoring:6.3.0.7
|
6.3.0.7 | |
|
IBM MQ
IBM / MQ
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM Power Hardware Management Console v10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
v10 | |
|
IBM MQ <9.3.5.1
IBM / MQ
|
<9.3.5.1 | ||
|
Amazon Corretto <8.402.08.1
Amazon / Corretto
|
<8.402.08.1 | ||
|
IBM Tivoli Network Manager <4.2.0.19
IBM / Tivoli Network Manager
|
<4.2.0.19 | ||
|
IBM Tivoli Netcool/OMNIbus <8.1.0.32
IBM / Tivoli Netcool/OMNIbus
|
<8.1.0.32 | ||
|
IBM MQ <9.1.0.21
IBM / MQ
|
<9.1.0.21 | ||
|
IBM MQ <9.0.0.24
IBM / MQ
|
<9.0.0.24 | ||
|
IBM DB2 10.5
IBM / DB2
|
cpe:/a:ibm:db2:10.5
|
10.5 | |
|
IBM Security Guardium 10.6
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.6
|
10.6 | |
|
IBM App Connect Enterprise <=11.0.0.24
IBM / App Connect Enterprise
|
<=11.0.0.24 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2
|
8.2.2 | |
|
Broadcom Brocade SANnav
Broadcom
|
cpe:/a:broadcom:brocade_sannav:-
|
— | |
|
IBM Business Automation Workflow <21.0.3-IF031
IBM / Business Automation Workflow
|
<21.0.3-IF031 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1
|
8.2.1 | |
|
Dell NetWorker Runtime Environment <8.0.20
Dell / NetWorker
|
Runtime Environment <8.0.20 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Storage Insights
IBM
|
cpe:/a:ibm:storage_insights:-
|
— | |
|
IBM MQ <9.2.0.25
IBM / MQ
|
<9.2.0.25 | ||
|
Amazon Corretto <8.402.06.1
Amazon / Corretto
|
<8.402.06.1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM Rational Business Developer 9.6
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.6
|
9.6 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
SolarWinds Security Event Manager <2024.2
SolarWinds / Security Event Manager
|
<2024.2 | ||
|
IBM MQ <9.3.0.17
IBM / MQ
|
<9.3.0.17 | ||
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
Amazon Corretto 11.0.22.7.1
Amazon / Corretto
|
cpe:/a:amazon:corretto:11.0.22.7.1
|
11.0.22.7.1 | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer 9.7
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.7
|
9.7 | |
|
Dell NetWorker Runtime Environment (NRE) 8.0.19
Dell / NetWorker
|
cpe:/a:dell:networker:runtime_environment_8.0.19
|
Runtime Environment (NRE) 8.0.19 | |
|
Oracle Java SE 22.3.4
Oracle / Java SE
|
cpe:/a:oracle:java_se:22.3.4
|
22.3.4 | |
|
Oracle Java SE 11.0.21
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.21
|
11.0.21 | |
|
Oracle Java SE 21.3.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.3.8
|
21.3.8 | |
|
IBM InfoSphere Information Server
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
Oracle Java SE 17.0.9
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.9
|
17.0.9 | |
|
IBM VIOS 3.1
IBM / VIOS
|
cpe:/a:ibm:vios:3.1
|
3.1 | |
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
IBM Storage Scale 5.1.0.0-5.1.9.2
IBM / Storage Scale
|
cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2
|
5.1.0.0-5.1.9.2 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
IBM Java <7.1.5.21
IBM / Java
|
<7.1.5.21 | ||
|
IBM Java <8.0.8.20
IBM / Java
|
<8.0.8.20 | ||
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Kyocera Printer
Kyocera
|
cpe:/h:kyocera:printer:-
|
— | |
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM WebSphere Service Registry and Repository 8.5
IBM / WebSphere Service Registry and Repository
|
cpe:/a:ibm:websphere_service_registry_and_repository:8.5
|
8.5 | |
|
IBM DB2 11.5
IBM / DB2
|
cpe:/a:ibm:db2:11.5
|
11.5 | |
|
IBM TXSeries for multiplatforms_8.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.1
|
for multiplatforms_8.1 | |
|
IBM DB2 11.1
IBM / DB2
|
cpe:/a:ibm:db2:11.1
|
11.1 | |
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM TXSeries for multiplatforms_8.2
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.2
|
for multiplatforms_8.2 | |
|
Oracle Java SE 21.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.1
|
21.0.1 | |
|
IBM TXSeries for multiplatforms_9.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_9.1
|
for multiplatforms_9.1 | |
|
Oracle GraalVM Enterprise Edition 21.3.8
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.8::enterprise_edition
|
Enterprise Edition 21.3.8 | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
IBM Business Automation Workflow <23.0.2-IF003
IBM / Business Automation Workflow
|
<23.0.2-IF003 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM Rational Business Developer 9.1
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.1
|
9.1 | |
|
IBM InfoSphere Identity Insight 10.0.0.0
IBM / InfoSphere Identity Insight
|
cpe:/a:ibm:infosphere_identity_insight:10.0.0.0
|
10.0.0.0 | |
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Dell ECS <3.8.1.1
Dell / ECS
|
<3.8.1.1 | ||
|
Oracle GraalVM for JDK 21.0.1
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.1::for_jdk
|
for JDK 21.0.1 | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
Oracle Java SE 8u391
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u391
|
8u391 | |
|
Oracle GraalVM for JDK 17.0.9
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.9::for_jdk
|
for JDK 17.0.9 | |
|
Oracle GraalVM Enterprise Edition 20.3.12
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:20.3.12::enterprise_edition
|
Enterprise Edition 20.3.12 | |
|
IBM App Connect Enterprise <12.0.11.2
IBM / App Connect Enterprise
|
<12.0.11.2 | ||
|
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7
IBM / Tivoli Monitoring
|
for Virtual Environments Base <7.3.7 | ||
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
HCL BigFix Compliance <2.0.11
HCL / BigFix
|
Compliance <2.0.11 | ||
|
IBM Tivoli Monitoring 6.3.0.7
IBM / Tivoli Monitoring
|
cpe:/a:ibm:tivoli_monitoring:6.3.0.7
|
6.3.0.7 | |
|
IBM MQ
IBM / MQ
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM Power Hardware Management Console v10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
v10 | |
|
IBM MQ <9.3.5.1
IBM / MQ
|
<9.3.5.1 | ||
|
Amazon Corretto <8.402.08.1
Amazon / Corretto
|
<8.402.08.1 | ||
|
IBM Tivoli Network Manager <4.2.0.19
IBM / Tivoli Network Manager
|
<4.2.0.19 | ||
|
IBM Tivoli Netcool/OMNIbus <8.1.0.32
IBM / Tivoli Netcool/OMNIbus
|
<8.1.0.32 | ||
|
IBM MQ <9.1.0.21
IBM / MQ
|
<9.1.0.21 | ||
|
IBM MQ <9.0.0.24
IBM / MQ
|
<9.0.0.24 | ||
|
IBM DB2 10.5
IBM / DB2
|
cpe:/a:ibm:db2:10.5
|
10.5 | |
|
IBM Security Guardium 10.6
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.6
|
10.6 | |
|
IBM App Connect Enterprise <=11.0.0.24
IBM / App Connect Enterprise
|
<=11.0.0.24 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2
|
8.2.2 | |
|
Broadcom Brocade SANnav
Broadcom
|
cpe:/a:broadcom:brocade_sannav:-
|
— | |
|
IBM Business Automation Workflow <21.0.3-IF031
IBM / Business Automation Workflow
|
<21.0.3-IF031 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1
|
8.2.1 | |
|
Dell NetWorker Runtime Environment <8.0.20
Dell / NetWorker
|
Runtime Environment <8.0.20 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Storage Insights
IBM
|
cpe:/a:ibm:storage_insights:-
|
— | |
|
IBM MQ <9.2.0.25
IBM / MQ
|
<9.2.0.25 | ||
|
Amazon Corretto <8.402.06.1
Amazon / Corretto
|
<8.402.06.1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM Rational Business Developer 9.6
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.6
|
9.6 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
SolarWinds Security Event Manager <2024.2
SolarWinds / Security Event Manager
|
<2024.2 | ||
|
IBM MQ <9.3.0.17
IBM / MQ
|
<9.3.0.17 | ||
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
Amazon Corretto 11.0.22.7.1
Amazon / Corretto
|
cpe:/a:amazon:corretto:11.0.22.7.1
|
11.0.22.7.1 | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer 9.7
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.7
|
9.7 | |
|
Dell NetWorker Runtime Environment (NRE) 8.0.19
Dell / NetWorker
|
cpe:/a:dell:networker:runtime_environment_8.0.19
|
Runtime Environment (NRE) 8.0.19 | |
|
Oracle Java SE 22.3.4
Oracle / Java SE
|
cpe:/a:oracle:java_se:22.3.4
|
22.3.4 | |
|
Oracle Java SE 11.0.21
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.21
|
11.0.21 | |
|
Oracle Java SE 21.3.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.3.8
|
21.3.8 | |
|
IBM InfoSphere Information Server
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
Oracle Java SE 17.0.9
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.9
|
17.0.9 | |
|
IBM VIOS 3.1
IBM / VIOS
|
cpe:/a:ibm:vios:3.1
|
3.1 | |
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
IBM Storage Scale 5.1.0.0-5.1.9.2
IBM / Storage Scale
|
cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2
|
5.1.0.0-5.1.9.2 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
IBM Java <7.1.5.21
IBM / Java
|
<7.1.5.21 | ||
|
IBM Java <8.0.8.20
IBM / Java
|
<8.0.8.20 | ||
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Kyocera Printer
Kyocera
|
cpe:/h:kyocera:printer:-
|
— | |
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM WebSphere Service Registry and Repository 8.5
IBM / WebSphere Service Registry and Repository
|
cpe:/a:ibm:websphere_service_registry_and_repository:8.5
|
8.5 | |
|
IBM DB2 11.5
IBM / DB2
|
cpe:/a:ibm:db2:11.5
|
11.5 | |
|
IBM TXSeries for multiplatforms_8.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.1
|
for multiplatforms_8.1 | |
|
IBM DB2 11.1
IBM / DB2
|
cpe:/a:ibm:db2:11.1
|
11.1 | |
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM TXSeries for multiplatforms_8.2
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.2
|
for multiplatforms_8.2 | |
|
Oracle Java SE 21.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.1
|
21.0.1 | |
|
IBM TXSeries for multiplatforms_9.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_9.1
|
for multiplatforms_9.1 | |
|
Oracle GraalVM Enterprise Edition 21.3.8
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.8::enterprise_edition
|
Enterprise Edition 21.3.8 | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
IBM Business Automation Workflow <23.0.2-IF003
IBM / Business Automation Workflow
|
<23.0.2-IF003 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM Rational Business Developer 9.1
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.1
|
9.1 | |
|
IBM InfoSphere Identity Insight 10.0.0.0
IBM / InfoSphere Identity Insight
|
cpe:/a:ibm:infosphere_identity_insight:10.0.0.0
|
10.0.0.0 | |
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Dell ECS <3.8.1.1
Dell / ECS
|
<3.8.1.1 | ||
|
Oracle GraalVM for JDK 21.0.1
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.1::for_jdk
|
for JDK 21.0.1 | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
Oracle Java SE 8u391
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u391
|
8u391 | |
|
Oracle GraalVM for JDK 17.0.9
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.9::for_jdk
|
for JDK 17.0.9 | |
|
Oracle GraalVM Enterprise Edition 20.3.12
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:20.3.12::enterprise_edition
|
Enterprise Edition 20.3.12 | |
|
IBM App Connect Enterprise <12.0.11.2
IBM / App Connect Enterprise
|
<12.0.11.2 | ||
|
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7
IBM / Tivoli Monitoring
|
for Virtual Environments Base <7.3.7 | ||
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
HCL BigFix Compliance <2.0.11
HCL / BigFix
|
Compliance <2.0.11 | ||
|
IBM Tivoli Monitoring 6.3.0.7
IBM / Tivoli Monitoring
|
cpe:/a:ibm:tivoli_monitoring:6.3.0.7
|
6.3.0.7 | |
|
IBM MQ
IBM / MQ
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM Power Hardware Management Console v10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
v10 | |
|
IBM MQ <9.3.5.1
IBM / MQ
|
<9.3.5.1 | ||
|
Amazon Corretto <8.402.08.1
Amazon / Corretto
|
<8.402.08.1 | ||
|
IBM Tivoli Network Manager <4.2.0.19
IBM / Tivoli Network Manager
|
<4.2.0.19 | ||
|
IBM Tivoli Netcool/OMNIbus <8.1.0.32
IBM / Tivoli Netcool/OMNIbus
|
<8.1.0.32 | ||
|
IBM MQ <9.1.0.21
IBM / MQ
|
<9.1.0.21 | ||
|
IBM MQ <9.0.0.24
IBM / MQ
|
<9.0.0.24 | ||
|
IBM DB2 10.5
IBM / DB2
|
cpe:/a:ibm:db2:10.5
|
10.5 | |
|
IBM Security Guardium 10.6
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.6
|
10.6 | |
|
IBM App Connect Enterprise <=11.0.0.24
IBM / App Connect Enterprise
|
<=11.0.0.24 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2
|
8.2.2 | |
|
Broadcom Brocade SANnav
Broadcom
|
cpe:/a:broadcom:brocade_sannav:-
|
— | |
|
IBM Business Automation Workflow <21.0.3-IF031
IBM / Business Automation Workflow
|
<21.0.3-IF031 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1
|
8.2.1 | |
|
Dell NetWorker Runtime Environment <8.0.20
Dell / NetWorker
|
Runtime Environment <8.0.20 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Storage Insights
IBM
|
cpe:/a:ibm:storage_insights:-
|
— | |
|
IBM MQ <9.2.0.25
IBM / MQ
|
<9.2.0.25 | ||
|
Amazon Corretto <8.402.06.1
Amazon / Corretto
|
<8.402.06.1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM Rational Business Developer 9.6
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.6
|
9.6 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
SolarWinds Security Event Manager <2024.2
SolarWinds / Security Event Manager
|
<2024.2 | ||
|
IBM MQ <9.3.0.17
IBM / MQ
|
<9.3.0.17 | ||
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
Amazon Corretto 11.0.22.7.1
Amazon / Corretto
|
cpe:/a:amazon:corretto:11.0.22.7.1
|
11.0.22.7.1 | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer 9.7
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.7
|
9.7 | |
|
Dell NetWorker Runtime Environment (NRE) 8.0.19
Dell / NetWorker
|
cpe:/a:dell:networker:runtime_environment_8.0.19
|
Runtime Environment (NRE) 8.0.19 | |
|
Oracle Java SE 22.3.4
Oracle / Java SE
|
cpe:/a:oracle:java_se:22.3.4
|
22.3.4 | |
|
Oracle Java SE 11.0.21
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.21
|
11.0.21 | |
|
Oracle Java SE 21.3.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.3.8
|
21.3.8 | |
|
IBM InfoSphere Information Server
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
Oracle Java SE 17.0.9
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.9
|
17.0.9 | |
|
IBM VIOS 3.1
IBM / VIOS
|
cpe:/a:ibm:vios:3.1
|
3.1 | |
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
IBM Storage Scale 5.1.0.0-5.1.9.2
IBM / Storage Scale
|
cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2
|
5.1.0.0-5.1.9.2 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
IBM Java <7.1.5.21
IBM / Java
|
<7.1.5.21 | ||
|
IBM Java <8.0.8.20
IBM / Java
|
<8.0.8.20 | ||
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Kyocera Printer
Kyocera
|
cpe:/h:kyocera:printer:-
|
— | |
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM WebSphere Service Registry and Repository 8.5
IBM / WebSphere Service Registry and Repository
|
cpe:/a:ibm:websphere_service_registry_and_repository:8.5
|
8.5 | |
|
IBM DB2 11.5
IBM / DB2
|
cpe:/a:ibm:db2:11.5
|
11.5 | |
|
IBM TXSeries for multiplatforms_8.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.1
|
for multiplatforms_8.1 | |
|
IBM DB2 11.1
IBM / DB2
|
cpe:/a:ibm:db2:11.1
|
11.1 | |
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM TXSeries for multiplatforms_8.2
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.2
|
for multiplatforms_8.2 | |
|
Oracle Java SE 21.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.1
|
21.0.1 | |
|
IBM TXSeries for multiplatforms_9.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_9.1
|
for multiplatforms_9.1 | |
|
Oracle GraalVM Enterprise Edition 21.3.8
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.8::enterprise_edition
|
Enterprise Edition 21.3.8 | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
IBM Business Automation Workflow <23.0.2-IF003
IBM / Business Automation Workflow
|
<23.0.2-IF003 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM Rational Business Developer 9.1
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.1
|
9.1 | |
|
IBM InfoSphere Identity Insight 10.0.0.0
IBM / InfoSphere Identity Insight
|
cpe:/a:ibm:infosphere_identity_insight:10.0.0.0
|
10.0.0.0 | |
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Dell ECS <3.8.1.1
Dell / ECS
|
<3.8.1.1 | ||
|
Oracle GraalVM for JDK 21.0.1
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.1::for_jdk
|
for JDK 21.0.1 | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
Oracle Java SE 8u391
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u391
|
8u391 | |
|
Oracle GraalVM for JDK 17.0.9
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.9::for_jdk
|
for JDK 17.0.9 | |
|
Oracle GraalVM Enterprise Edition 20.3.12
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:20.3.12::enterprise_edition
|
Enterprise Edition 20.3.12 | |
|
IBM App Connect Enterprise <12.0.11.2
IBM / App Connect Enterprise
|
<12.0.11.2 | ||
|
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7
IBM / Tivoli Monitoring
|
for Virtual Environments Base <7.3.7 | ||
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
HCL BigFix Compliance <2.0.11
HCL / BigFix
|
Compliance <2.0.11 | ||
|
IBM Tivoli Monitoring 6.3.0.7
IBM / Tivoli Monitoring
|
cpe:/a:ibm:tivoli_monitoring:6.3.0.7
|
6.3.0.7 | |
|
IBM MQ
IBM / MQ
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM Power Hardware Management Console v10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
v10 | |
|
IBM MQ <9.3.5.1
IBM / MQ
|
<9.3.5.1 | ||
|
Amazon Corretto <8.402.08.1
Amazon / Corretto
|
<8.402.08.1 | ||
|
IBM Tivoli Network Manager <4.2.0.19
IBM / Tivoli Network Manager
|
<4.2.0.19 | ||
|
IBM Tivoli Netcool/OMNIbus <8.1.0.32
IBM / Tivoli Netcool/OMNIbus
|
<8.1.0.32 | ||
|
IBM MQ <9.1.0.21
IBM / MQ
|
<9.1.0.21 | ||
|
IBM MQ <9.0.0.24
IBM / MQ
|
<9.0.0.24 | ||
|
IBM DB2 10.5
IBM / DB2
|
cpe:/a:ibm:db2:10.5
|
10.5 | |
|
IBM Security Guardium 10.6
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.6
|
10.6 | |
|
IBM App Connect Enterprise <=11.0.0.24
IBM / App Connect Enterprise
|
<=11.0.0.24 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2
|
8.2.2 | |
|
Broadcom Brocade SANnav
Broadcom
|
cpe:/a:broadcom:brocade_sannav:-
|
— | |
|
IBM Business Automation Workflow <21.0.3-IF031
IBM / Business Automation Workflow
|
<21.0.3-IF031 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1
|
8.2.1 | |
|
Dell NetWorker Runtime Environment <8.0.20
Dell / NetWorker
|
Runtime Environment <8.0.20 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Storage Insights
IBM
|
cpe:/a:ibm:storage_insights:-
|
— | |
|
IBM MQ <9.2.0.25
IBM / MQ
|
<9.2.0.25 | ||
|
Amazon Corretto <8.402.06.1
Amazon / Corretto
|
<8.402.06.1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM Rational Business Developer 9.6
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.6
|
9.6 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
SolarWinds Security Event Manager <2024.2
SolarWinds / Security Event Manager
|
<2024.2 | ||
|
IBM MQ <9.3.0.17
IBM / MQ
|
<9.3.0.17 | ||
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
Amazon Corretto 11.0.22.7.1
Amazon / Corretto
|
cpe:/a:amazon:corretto:11.0.22.7.1
|
11.0.22.7.1 | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer 9.7
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.7
|
9.7 | |
|
Dell NetWorker Runtime Environment (NRE) 8.0.19
Dell / NetWorker
|
cpe:/a:dell:networker:runtime_environment_8.0.19
|
Runtime Environment (NRE) 8.0.19 | |
|
Oracle Java SE 22.3.4
Oracle / Java SE
|
cpe:/a:oracle:java_se:22.3.4
|
22.3.4 | |
|
Oracle Java SE 11.0.21
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.21
|
11.0.21 | |
|
Oracle Java SE 21.3.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.3.8
|
21.3.8 | |
|
IBM InfoSphere Information Server
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
Oracle Java SE 17.0.9
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.9
|
17.0.9 | |
|
IBM VIOS 3.1
IBM / VIOS
|
cpe:/a:ibm:vios:3.1
|
3.1 | |
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
IBM Storage Scale 5.1.0.0-5.1.9.2
IBM / Storage Scale
|
cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2
|
5.1.0.0-5.1.9.2 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
IBM Java <7.1.5.21
IBM / Java
|
<7.1.5.21 | ||
|
IBM Java <8.0.8.20
IBM / Java
|
<8.0.8.20 | ||
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Kyocera Printer
Kyocera
|
cpe:/h:kyocera:printer:-
|
— | |
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM WebSphere Service Registry and Repository 8.5
IBM / WebSphere Service Registry and Repository
|
cpe:/a:ibm:websphere_service_registry_and_repository:8.5
|
8.5 | |
|
IBM DB2 11.5
IBM / DB2
|
cpe:/a:ibm:db2:11.5
|
11.5 | |
|
IBM TXSeries for multiplatforms_8.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.1
|
for multiplatforms_8.1 | |
|
IBM DB2 11.1
IBM / DB2
|
cpe:/a:ibm:db2:11.1
|
11.1 | |
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM TXSeries for multiplatforms_8.2
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.2
|
for multiplatforms_8.2 | |
|
Oracle Java SE 21.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.1
|
21.0.1 | |
|
IBM TXSeries for multiplatforms_9.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_9.1
|
for multiplatforms_9.1 | |
|
Oracle GraalVM Enterprise Edition 21.3.8
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.8::enterprise_edition
|
Enterprise Edition 21.3.8 | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
IBM Business Automation Workflow <23.0.2-IF003
IBM / Business Automation Workflow
|
<23.0.2-IF003 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM Rational Business Developer 9.1
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.1
|
9.1 | |
|
IBM InfoSphere Identity Insight 10.0.0.0
IBM / InfoSphere Identity Insight
|
cpe:/a:ibm:infosphere_identity_insight:10.0.0.0
|
10.0.0.0 | |
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Dell ECS <3.8.1.1
Dell / ECS
|
<3.8.1.1 | ||
|
Oracle GraalVM for JDK 21.0.1
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.1::for_jdk
|
for JDK 21.0.1 | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
Oracle Java SE 8u391
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u391
|
8u391 | |
|
Oracle GraalVM for JDK 17.0.9
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.9::for_jdk
|
for JDK 17.0.9 | |
|
Oracle GraalVM Enterprise Edition 20.3.12
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:20.3.12::enterprise_edition
|
Enterprise Edition 20.3.12 | |
|
IBM App Connect Enterprise <12.0.11.2
IBM / App Connect Enterprise
|
<12.0.11.2 | ||
|
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7
IBM / Tivoli Monitoring
|
for Virtual Environments Base <7.3.7 | ||
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
HCL BigFix Compliance <2.0.11
HCL / BigFix
|
Compliance <2.0.11 | ||
|
IBM Tivoli Monitoring 6.3.0.7
IBM / Tivoli Monitoring
|
cpe:/a:ibm:tivoli_monitoring:6.3.0.7
|
6.3.0.7 | |
|
IBM MQ
IBM / MQ
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM Power Hardware Management Console v10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
v10 | |
|
IBM MQ <9.3.5.1
IBM / MQ
|
<9.3.5.1 | ||
|
Amazon Corretto <8.402.08.1
Amazon / Corretto
|
<8.402.08.1 | ||
|
IBM Tivoli Network Manager <4.2.0.19
IBM / Tivoli Network Manager
|
<4.2.0.19 | ||
|
IBM Tivoli Netcool/OMNIbus <8.1.0.32
IBM / Tivoli Netcool/OMNIbus
|
<8.1.0.32 | ||
|
IBM MQ <9.1.0.21
IBM / MQ
|
<9.1.0.21 | ||
|
IBM MQ <9.0.0.24
IBM / MQ
|
<9.0.0.24 | ||
|
IBM DB2 10.5
IBM / DB2
|
cpe:/a:ibm:db2:10.5
|
10.5 | |
|
IBM Security Guardium 10.6
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.6
|
10.6 | |
|
IBM App Connect Enterprise <=11.0.0.24
IBM / App Connect Enterprise
|
<=11.0.0.24 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2
|
8.2.2 | |
|
Broadcom Brocade SANnav
Broadcom
|
cpe:/a:broadcom:brocade_sannav:-
|
— | |
|
IBM Business Automation Workflow <21.0.3-IF031
IBM / Business Automation Workflow
|
<21.0.3-IF031 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1
|
8.2.1 | |
|
Dell NetWorker Runtime Environment <8.0.20
Dell / NetWorker
|
Runtime Environment <8.0.20 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Storage Insights
IBM
|
cpe:/a:ibm:storage_insights:-
|
— | |
|
IBM MQ <9.2.0.25
IBM / MQ
|
<9.2.0.25 | ||
|
Amazon Corretto <8.402.06.1
Amazon / Corretto
|
<8.402.06.1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM Rational Business Developer 9.6
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.6
|
9.6 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
SolarWinds Security Event Manager <2024.2
SolarWinds / Security Event Manager
|
<2024.2 | ||
|
IBM MQ <9.3.0.17
IBM / MQ
|
<9.3.0.17 | ||
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
Amazon Corretto 11.0.22.7.1
Amazon / Corretto
|
cpe:/a:amazon:corretto:11.0.22.7.1
|
11.0.22.7.1 | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer 9.7
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.7
|
9.7 | |
|
Dell NetWorker Runtime Environment (NRE) 8.0.19
Dell / NetWorker
|
cpe:/a:dell:networker:runtime_environment_8.0.19
|
Runtime Environment (NRE) 8.0.19 | |
|
Oracle Java SE 22.3.4
Oracle / Java SE
|
cpe:/a:oracle:java_se:22.3.4
|
22.3.4 | |
|
Oracle Java SE 11.0.21
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.21
|
11.0.21 | |
|
Oracle Java SE 21.3.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.3.8
|
21.3.8 | |
|
IBM InfoSphere Information Server
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
Oracle Java SE 17.0.9
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.9
|
17.0.9 | |
|
IBM VIOS 3.1
IBM / VIOS
|
cpe:/a:ibm:vios:3.1
|
3.1 | |
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
IBM Storage Scale 5.1.0.0-5.1.9.2
IBM / Storage Scale
|
cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2
|
5.1.0.0-5.1.9.2 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
IBM Java <7.1.5.21
IBM / Java
|
<7.1.5.21 | ||
|
IBM Java <8.0.8.20
IBM / Java
|
<8.0.8.20 | ||
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Kyocera Printer
Kyocera
|
cpe:/h:kyocera:printer:-
|
— | |
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM WebSphere Service Registry and Repository 8.5
IBM / WebSphere Service Registry and Repository
|
cpe:/a:ibm:websphere_service_registry_and_repository:8.5
|
8.5 | |
|
IBM DB2 11.5
IBM / DB2
|
cpe:/a:ibm:db2:11.5
|
11.5 | |
|
IBM TXSeries for multiplatforms_8.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.1
|
for multiplatforms_8.1 | |
|
IBM DB2 11.1
IBM / DB2
|
cpe:/a:ibm:db2:11.1
|
11.1 | |
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM TXSeries for multiplatforms_8.2
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.2
|
for multiplatforms_8.2 | |
|
Oracle Java SE 21.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.1
|
21.0.1 | |
|
IBM TXSeries for multiplatforms_9.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_9.1
|
for multiplatforms_9.1 | |
|
Oracle GraalVM Enterprise Edition 21.3.8
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.8::enterprise_edition
|
Enterprise Edition 21.3.8 | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
IBM Business Automation Workflow <23.0.2-IF003
IBM / Business Automation Workflow
|
<23.0.2-IF003 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM Rational Business Developer 9.1
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.1
|
9.1 | |
|
IBM InfoSphere Identity Insight 10.0.0.0
IBM / InfoSphere Identity Insight
|
cpe:/a:ibm:infosphere_identity_insight:10.0.0.0
|
10.0.0.0 | |
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Dell ECS <3.8.1.1
Dell / ECS
|
<3.8.1.1 | ||
|
Oracle GraalVM for JDK 21.0.1
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.1::for_jdk
|
for JDK 21.0.1 | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
Oracle Java SE 8u391
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u391
|
8u391 | |
|
Oracle GraalVM for JDK 17.0.9
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.9::for_jdk
|
for JDK 17.0.9 | |
|
Oracle GraalVM Enterprise Edition 20.3.12
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:20.3.12::enterprise_edition
|
Enterprise Edition 20.3.12 | |
|
IBM App Connect Enterprise <12.0.11.2
IBM / App Connect Enterprise
|
<12.0.11.2 | ||
|
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7
IBM / Tivoli Monitoring
|
for Virtual Environments Base <7.3.7 | ||
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
HCL BigFix Compliance <2.0.11
HCL / BigFix
|
Compliance <2.0.11 | ||
|
IBM Tivoli Monitoring 6.3.0.7
IBM / Tivoli Monitoring
|
cpe:/a:ibm:tivoli_monitoring:6.3.0.7
|
6.3.0.7 | |
|
IBM MQ
IBM / MQ
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM Power Hardware Management Console v10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
v10 | |
|
IBM MQ <9.3.5.1
IBM / MQ
|
<9.3.5.1 | ||
|
Amazon Corretto <8.402.08.1
Amazon / Corretto
|
<8.402.08.1 | ||
|
IBM Tivoli Network Manager <4.2.0.19
IBM / Tivoli Network Manager
|
<4.2.0.19 | ||
|
IBM Tivoli Netcool/OMNIbus <8.1.0.32
IBM / Tivoli Netcool/OMNIbus
|
<8.1.0.32 | ||
|
IBM MQ <9.1.0.21
IBM / MQ
|
<9.1.0.21 | ||
|
IBM MQ <9.0.0.24
IBM / MQ
|
<9.0.0.24 | ||
|
IBM DB2 10.5
IBM / DB2
|
cpe:/a:ibm:db2:10.5
|
10.5 | |
|
IBM Security Guardium 10.6
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.6
|
10.6 | |
|
IBM App Connect Enterprise <=11.0.0.24
IBM / App Connect Enterprise
|
<=11.0.0.24 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2
|
8.2.2 | |
|
Broadcom Brocade SANnav
Broadcom
|
cpe:/a:broadcom:brocade_sannav:-
|
— | |
|
IBM Business Automation Workflow <21.0.3-IF031
IBM / Business Automation Workflow
|
<21.0.3-IF031 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1
|
8.2.1 | |
|
Dell NetWorker Runtime Environment <8.0.20
Dell / NetWorker
|
Runtime Environment <8.0.20 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Storage Insights
IBM
|
cpe:/a:ibm:storage_insights:-
|
— | |
|
IBM MQ <9.2.0.25
IBM / MQ
|
<9.2.0.25 | ||
|
Amazon Corretto <8.402.06.1
Amazon / Corretto
|
<8.402.06.1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM Rational Business Developer 9.6
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.6
|
9.6 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
SolarWinds Security Event Manager <2024.2
SolarWinds / Security Event Manager
|
<2024.2 | ||
|
IBM MQ <9.3.0.17
IBM / MQ
|
<9.3.0.17 | ||
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
Amazon Corretto 11.0.22.7.1
Amazon / Corretto
|
cpe:/a:amazon:corretto:11.0.22.7.1
|
11.0.22.7.1 | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer 9.7
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.7
|
9.7 | |
|
Dell NetWorker Runtime Environment (NRE) 8.0.19
Dell / NetWorker
|
cpe:/a:dell:networker:runtime_environment_8.0.19
|
Runtime Environment (NRE) 8.0.19 | |
|
Oracle Java SE 22.3.4
Oracle / Java SE
|
cpe:/a:oracle:java_se:22.3.4
|
22.3.4 | |
|
Oracle Java SE 11.0.21
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.21
|
11.0.21 | |
|
Oracle Java SE 21.3.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.3.8
|
21.3.8 | |
|
IBM InfoSphere Information Server
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
Oracle Java SE 17.0.9
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.9
|
17.0.9 | |
|
IBM VIOS 3.1
IBM / VIOS
|
cpe:/a:ibm:vios:3.1
|
3.1 | |
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
IBM Storage Scale 5.1.0.0-5.1.9.2
IBM / Storage Scale
|
cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2
|
5.1.0.0-5.1.9.2 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
IBM Java <7.1.5.21
IBM / Java
|
<7.1.5.21 | ||
|
IBM Java <8.0.8.20
IBM / Java
|
<8.0.8.20 | ||
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Kyocera Printer
Kyocera
|
cpe:/h:kyocera:printer:-
|
— | |
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM WebSphere Service Registry and Repository 8.5
IBM / WebSphere Service Registry and Repository
|
cpe:/a:ibm:websphere_service_registry_and_repository:8.5
|
8.5 | |
|
IBM DB2 11.5
IBM / DB2
|
cpe:/a:ibm:db2:11.5
|
11.5 | |
|
IBM TXSeries for multiplatforms_8.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.1
|
for multiplatforms_8.1 | |
|
IBM DB2 11.1
IBM / DB2
|
cpe:/a:ibm:db2:11.1
|
11.1 | |
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM TXSeries for multiplatforms_8.2
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.2
|
for multiplatforms_8.2 | |
|
Oracle Java SE 21.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.1
|
21.0.1 | |
|
IBM TXSeries for multiplatforms_9.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_9.1
|
for multiplatforms_9.1 | |
|
Oracle GraalVM Enterprise Edition 21.3.8
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.8::enterprise_edition
|
Enterprise Edition 21.3.8 | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
IBM Business Automation Workflow <23.0.2-IF003
IBM / Business Automation Workflow
|
<23.0.2-IF003 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM Rational Business Developer 9.1
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.1
|
9.1 | |
|
IBM InfoSphere Identity Insight 10.0.0.0
IBM / InfoSphere Identity Insight
|
cpe:/a:ibm:infosphere_identity_insight:10.0.0.0
|
10.0.0.0 | |
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Dell ECS <3.8.1.1
Dell / ECS
|
<3.8.1.1 | ||
|
Oracle GraalVM for JDK 21.0.1
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.1::for_jdk
|
for JDK 21.0.1 | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
Oracle Java SE 8u391
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u391
|
8u391 | |
|
Oracle GraalVM for JDK 17.0.9
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.9::for_jdk
|
for JDK 17.0.9 | |
|
Oracle GraalVM Enterprise Edition 20.3.12
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:20.3.12::enterprise_edition
|
Enterprise Edition 20.3.12 | |
|
IBM App Connect Enterprise <12.0.11.2
IBM / App Connect Enterprise
|
<12.0.11.2 | ||
|
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7
IBM / Tivoli Monitoring
|
for Virtual Environments Base <7.3.7 | ||
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
HCL BigFix Compliance <2.0.11
HCL / BigFix
|
Compliance <2.0.11 | ||
|
IBM Tivoli Monitoring 6.3.0.7
IBM / Tivoli Monitoring
|
cpe:/a:ibm:tivoli_monitoring:6.3.0.7
|
6.3.0.7 | |
|
IBM MQ
IBM / MQ
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM Power Hardware Management Console v10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
v10 | |
|
IBM MQ <9.3.5.1
IBM / MQ
|
<9.3.5.1 | ||
|
Amazon Corretto <8.402.08.1
Amazon / Corretto
|
<8.402.08.1 | ||
|
IBM Tivoli Network Manager <4.2.0.19
IBM / Tivoli Network Manager
|
<4.2.0.19 | ||
|
IBM Tivoli Netcool/OMNIbus <8.1.0.32
IBM / Tivoli Netcool/OMNIbus
|
<8.1.0.32 | ||
|
IBM MQ <9.1.0.21
IBM / MQ
|
<9.1.0.21 | ||
|
IBM MQ <9.0.0.24
IBM / MQ
|
<9.0.0.24 | ||
|
IBM DB2 10.5
IBM / DB2
|
cpe:/a:ibm:db2:10.5
|
10.5 | |
|
IBM Security Guardium 10.6
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.6
|
10.6 | |
|
IBM App Connect Enterprise <=11.0.0.24
IBM / App Connect Enterprise
|
<=11.0.0.24 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2
|
8.2.2 | |
|
Broadcom Brocade SANnav
Broadcom
|
cpe:/a:broadcom:brocade_sannav:-
|
— | |
|
IBM Business Automation Workflow <21.0.3-IF031
IBM / Business Automation Workflow
|
<21.0.3-IF031 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1
|
8.2.1 | |
|
Dell NetWorker Runtime Environment <8.0.20
Dell / NetWorker
|
Runtime Environment <8.0.20 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Storage Insights
IBM
|
cpe:/a:ibm:storage_insights:-
|
— | |
|
IBM MQ <9.2.0.25
IBM / MQ
|
<9.2.0.25 | ||
|
Amazon Corretto <8.402.06.1
Amazon / Corretto
|
<8.402.06.1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM Rational Business Developer 9.6
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.6
|
9.6 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
SolarWinds Security Event Manager <2024.2
SolarWinds / Security Event Manager
|
<2024.2 | ||
|
IBM MQ <9.3.0.17
IBM / MQ
|
<9.3.0.17 | ||
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
Amazon Corretto 11.0.22.7.1
Amazon / Corretto
|
cpe:/a:amazon:corretto:11.0.22.7.1
|
11.0.22.7.1 | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer 9.7
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.7
|
9.7 | |
|
Dell NetWorker Runtime Environment (NRE) 8.0.19
Dell / NetWorker
|
cpe:/a:dell:networker:runtime_environment_8.0.19
|
Runtime Environment (NRE) 8.0.19 | |
|
Oracle Java SE 22.3.4
Oracle / Java SE
|
cpe:/a:oracle:java_se:22.3.4
|
22.3.4 | |
|
Oracle Java SE 11.0.21
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.21
|
11.0.21 | |
|
Oracle Java SE 21.3.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.3.8
|
21.3.8 | |
|
IBM InfoSphere Information Server
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
Oracle Java SE 17.0.9
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.9
|
17.0.9 | |
|
IBM VIOS 3.1
IBM / VIOS
|
cpe:/a:ibm:vios:3.1
|
3.1 | |
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
IBM Storage Scale 5.1.0.0-5.1.9.2
IBM / Storage Scale
|
cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2
|
5.1.0.0-5.1.9.2 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
IBM Java <7.1.5.21
IBM / Java
|
<7.1.5.21 | ||
|
IBM Java <8.0.8.20
IBM / Java
|
<8.0.8.20 | ||
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Kyocera Printer
Kyocera
|
cpe:/h:kyocera:printer:-
|
— | |
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM WebSphere Service Registry and Repository 8.5
IBM / WebSphere Service Registry and Repository
|
cpe:/a:ibm:websphere_service_registry_and_repository:8.5
|
8.5 | |
|
IBM DB2 11.5
IBM / DB2
|
cpe:/a:ibm:db2:11.5
|
11.5 | |
|
IBM TXSeries for multiplatforms_8.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.1
|
for multiplatforms_8.1 | |
|
IBM DB2 11.1
IBM / DB2
|
cpe:/a:ibm:db2:11.1
|
11.1 | |
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM TXSeries for multiplatforms_8.2
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.2
|
for multiplatforms_8.2 | |
|
Oracle Java SE 21.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.1
|
21.0.1 | |
|
IBM TXSeries for multiplatforms_9.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_9.1
|
for multiplatforms_9.1 | |
|
Oracle GraalVM Enterprise Edition 21.3.8
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.8::enterprise_edition
|
Enterprise Edition 21.3.8 | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
IBM Business Automation Workflow <23.0.2-IF003
IBM / Business Automation Workflow
|
<23.0.2-IF003 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM Rational Business Developer 9.1
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.1
|
9.1 | |
|
IBM InfoSphere Identity Insight 10.0.0.0
IBM / InfoSphere Identity Insight
|
cpe:/a:ibm:infosphere_identity_insight:10.0.0.0
|
10.0.0.0 | |
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Dell ECS <3.8.1.1
Dell / ECS
|
<3.8.1.1 | ||
|
Oracle GraalVM for JDK 21.0.1
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.1::for_jdk
|
for JDK 21.0.1 | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
Oracle Java SE 8u391
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u391
|
8u391 | |
|
Oracle GraalVM for JDK 17.0.9
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.9::for_jdk
|
for JDK 17.0.9 | |
|
Oracle GraalVM Enterprise Edition 20.3.12
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:20.3.12::enterprise_edition
|
Enterprise Edition 20.3.12 | |
|
IBM App Connect Enterprise <12.0.11.2
IBM / App Connect Enterprise
|
<12.0.11.2 | ||
|
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7
IBM / Tivoli Monitoring
|
for Virtual Environments Base <7.3.7 | ||
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
HCL BigFix Compliance <2.0.11
HCL / BigFix
|
Compliance <2.0.11 | ||
|
IBM Tivoli Monitoring 6.3.0.7
IBM / Tivoli Monitoring
|
cpe:/a:ibm:tivoli_monitoring:6.3.0.7
|
6.3.0.7 | |
|
IBM MQ
IBM / MQ
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM Power Hardware Management Console v10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
v10 | |
|
IBM MQ <9.3.5.1
IBM / MQ
|
<9.3.5.1 | ||
|
Amazon Corretto <8.402.08.1
Amazon / Corretto
|
<8.402.08.1 | ||
|
IBM Tivoli Network Manager <4.2.0.19
IBM / Tivoli Network Manager
|
<4.2.0.19 | ||
|
IBM Tivoli Netcool/OMNIbus <8.1.0.32
IBM / Tivoli Netcool/OMNIbus
|
<8.1.0.32 | ||
|
IBM MQ <9.1.0.21
IBM / MQ
|
<9.1.0.21 | ||
|
IBM MQ <9.0.0.24
IBM / MQ
|
<9.0.0.24 | ||
|
IBM DB2 10.5
IBM / DB2
|
cpe:/a:ibm:db2:10.5
|
10.5 | |
|
IBM Security Guardium 10.6
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.6
|
10.6 | |
|
IBM App Connect Enterprise <=11.0.0.24
IBM / App Connect Enterprise
|
<=11.0.0.24 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2
|
8.2.2 | |
|
Broadcom Brocade SANnav
Broadcom
|
cpe:/a:broadcom:brocade_sannav:-
|
— | |
|
IBM Business Automation Workflow <21.0.3-IF031
IBM / Business Automation Workflow
|
<21.0.3-IF031 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1
|
8.2.1 | |
|
Dell NetWorker Runtime Environment <8.0.20
Dell / NetWorker
|
Runtime Environment <8.0.20 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Storage Insights
IBM
|
cpe:/a:ibm:storage_insights:-
|
— | |
|
IBM MQ <9.2.0.25
IBM / MQ
|
<9.2.0.25 | ||
|
Amazon Corretto <8.402.06.1
Amazon / Corretto
|
<8.402.06.1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM Rational Business Developer 9.6
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.6
|
9.6 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
SolarWinds Security Event Manager <2024.2
SolarWinds / Security Event Manager
|
<2024.2 | ||
|
IBM MQ <9.3.0.17
IBM / MQ
|
<9.3.0.17 | ||
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
Amazon Corretto 11.0.22.7.1
Amazon / Corretto
|
cpe:/a:amazon:corretto:11.0.22.7.1
|
11.0.22.7.1 | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer 9.7
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.7
|
9.7 | |
|
Dell NetWorker Runtime Environment (NRE) 8.0.19
Dell / NetWorker
|
cpe:/a:dell:networker:runtime_environment_8.0.19
|
Runtime Environment (NRE) 8.0.19 | |
|
Oracle Java SE 22.3.4
Oracle / Java SE
|
cpe:/a:oracle:java_se:22.3.4
|
22.3.4 | |
|
Oracle Java SE 11.0.21
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.21
|
11.0.21 | |
|
Oracle Java SE 21.3.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.3.8
|
21.3.8 | |
|
IBM InfoSphere Information Server
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
Oracle Java SE 17.0.9
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.9
|
17.0.9 | |
|
IBM VIOS 3.1
IBM / VIOS
|
cpe:/a:ibm:vios:3.1
|
3.1 | |
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
IBM Storage Scale 5.1.0.0-5.1.9.2
IBM / Storage Scale
|
cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2
|
5.1.0.0-5.1.9.2 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
IBM Java <7.1.5.21
IBM / Java
|
<7.1.5.21 | ||
|
IBM Java <8.0.8.20
IBM / Java
|
<8.0.8.20 | ||
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Kyocera Printer
Kyocera
|
cpe:/h:kyocera:printer:-
|
— | |
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM WebSphere Service Registry and Repository 8.5
IBM / WebSphere Service Registry and Repository
|
cpe:/a:ibm:websphere_service_registry_and_repository:8.5
|
8.5 | |
|
IBM DB2 11.5
IBM / DB2
|
cpe:/a:ibm:db2:11.5
|
11.5 | |
|
IBM TXSeries for multiplatforms_8.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.1
|
for multiplatforms_8.1 | |
|
IBM DB2 11.1
IBM / DB2
|
cpe:/a:ibm:db2:11.1
|
11.1 | |
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM TXSeries for multiplatforms_8.2
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.2
|
for multiplatforms_8.2 | |
|
Oracle Java SE 21.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.1
|
21.0.1 | |
|
IBM TXSeries for multiplatforms_9.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_9.1
|
for multiplatforms_9.1 | |
|
Oracle GraalVM Enterprise Edition 21.3.8
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.8::enterprise_edition
|
Enterprise Edition 21.3.8 | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
IBM Business Automation Workflow <23.0.2-IF003
IBM / Business Automation Workflow
|
<23.0.2-IF003 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM Rational Business Developer 9.1
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.1
|
9.1 | |
|
IBM InfoSphere Identity Insight 10.0.0.0
IBM / InfoSphere Identity Insight
|
cpe:/a:ibm:infosphere_identity_insight:10.0.0.0
|
10.0.0.0 | |
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Dell ECS <3.8.1.1
Dell / ECS
|
<3.8.1.1 | ||
|
Oracle GraalVM for JDK 21.0.1
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.1::for_jdk
|
for JDK 21.0.1 | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
Oracle Java SE 8u391
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u391
|
8u391 | |
|
Oracle GraalVM for JDK 17.0.9
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.9::for_jdk
|
for JDK 17.0.9 | |
|
Oracle GraalVM Enterprise Edition 20.3.12
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:20.3.12::enterprise_edition
|
Enterprise Edition 20.3.12 | |
|
IBM App Connect Enterprise <12.0.11.2
IBM / App Connect Enterprise
|
<12.0.11.2 | ||
|
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7
IBM / Tivoli Monitoring
|
for Virtual Environments Base <7.3.7 | ||
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
HCL BigFix Compliance <2.0.11
HCL / BigFix
|
Compliance <2.0.11 | ||
|
IBM Tivoli Monitoring 6.3.0.7
IBM / Tivoli Monitoring
|
cpe:/a:ibm:tivoli_monitoring:6.3.0.7
|
6.3.0.7 | |
|
IBM MQ
IBM / MQ
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM Power Hardware Management Console v10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
v10 | |
|
IBM MQ <9.3.5.1
IBM / MQ
|
<9.3.5.1 | ||
|
Amazon Corretto <8.402.08.1
Amazon / Corretto
|
<8.402.08.1 | ||
|
IBM Tivoli Network Manager <4.2.0.19
IBM / Tivoli Network Manager
|
<4.2.0.19 | ||
|
IBM Tivoli Netcool/OMNIbus <8.1.0.32
IBM / Tivoli Netcool/OMNIbus
|
<8.1.0.32 | ||
|
IBM MQ <9.1.0.21
IBM / MQ
|
<9.1.0.21 | ||
|
IBM MQ <9.0.0.24
IBM / MQ
|
<9.0.0.24 | ||
|
IBM DB2 10.5
IBM / DB2
|
cpe:/a:ibm:db2:10.5
|
10.5 | |
|
IBM Security Guardium 10.6
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.6
|
10.6 | |
|
IBM App Connect Enterprise <=11.0.0.24
IBM / App Connect Enterprise
|
<=11.0.0.24 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2
|
8.2.2 | |
|
Broadcom Brocade SANnav
Broadcom
|
cpe:/a:broadcom:brocade_sannav:-
|
— | |
|
IBM Business Automation Workflow <21.0.3-IF031
IBM / Business Automation Workflow
|
<21.0.3-IF031 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1
|
8.2.1 | |
|
Dell NetWorker Runtime Environment <8.0.20
Dell / NetWorker
|
Runtime Environment <8.0.20 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Storage Insights
IBM
|
cpe:/a:ibm:storage_insights:-
|
— | |
|
IBM MQ <9.2.0.25
IBM / MQ
|
<9.2.0.25 | ||
|
Amazon Corretto <8.402.06.1
Amazon / Corretto
|
<8.402.06.1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM Rational Business Developer 9.6
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.6
|
9.6 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
SolarWinds Security Event Manager <2024.2
SolarWinds / Security Event Manager
|
<2024.2 | ||
|
IBM MQ <9.3.0.17
IBM / MQ
|
<9.3.0.17 | ||
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
Amazon Corretto 11.0.22.7.1
Amazon / Corretto
|
cpe:/a:amazon:corretto:11.0.22.7.1
|
11.0.22.7.1 | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer 9.7
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.7
|
9.7 | |
|
Dell NetWorker Runtime Environment (NRE) 8.0.19
Dell / NetWorker
|
cpe:/a:dell:networker:runtime_environment_8.0.19
|
Runtime Environment (NRE) 8.0.19 | |
|
Oracle Java SE 22.3.4
Oracle / Java SE
|
cpe:/a:oracle:java_se:22.3.4
|
22.3.4 | |
|
Oracle Java SE 11.0.21
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.21
|
11.0.21 | |
|
Oracle Java SE 21.3.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.3.8
|
21.3.8 | |
|
IBM InfoSphere Information Server
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
Oracle Java SE 17.0.9
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.9
|
17.0.9 | |
|
IBM VIOS 3.1
IBM / VIOS
|
cpe:/a:ibm:vios:3.1
|
3.1 | |
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
IBM Storage Scale 5.1.0.0-5.1.9.2
IBM / Storage Scale
|
cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2
|
5.1.0.0-5.1.9.2 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
IBM Java <7.1.5.21
IBM / Java
|
<7.1.5.21 | ||
|
IBM Java <8.0.8.20
IBM / Java
|
<8.0.8.20 | ||
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Kyocera Printer
Kyocera
|
cpe:/h:kyocera:printer:-
|
— | |
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM WebSphere Service Registry and Repository 8.5
IBM / WebSphere Service Registry and Repository
|
cpe:/a:ibm:websphere_service_registry_and_repository:8.5
|
8.5 | |
|
IBM DB2 11.5
IBM / DB2
|
cpe:/a:ibm:db2:11.5
|
11.5 | |
|
IBM TXSeries for multiplatforms_8.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.1
|
for multiplatforms_8.1 | |
|
IBM DB2 11.1
IBM / DB2
|
cpe:/a:ibm:db2:11.1
|
11.1 | |
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM TXSeries for multiplatforms_8.2
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.2
|
for multiplatforms_8.2 | |
|
Oracle Java SE 21.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.1
|
21.0.1 | |
|
IBM TXSeries for multiplatforms_9.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_9.1
|
for multiplatforms_9.1 | |
|
Oracle GraalVM Enterprise Edition 21.3.8
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.8::enterprise_edition
|
Enterprise Edition 21.3.8 | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
IBM Business Automation Workflow <23.0.2-IF003
IBM / Business Automation Workflow
|
<23.0.2-IF003 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM Rational Business Developer 9.1
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.1
|
9.1 | |
|
IBM InfoSphere Identity Insight 10.0.0.0
IBM / InfoSphere Identity Insight
|
cpe:/a:ibm:infosphere_identity_insight:10.0.0.0
|
10.0.0.0 | |
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Dell ECS <3.8.1.1
Dell / ECS
|
<3.8.1.1 | ||
|
Oracle GraalVM for JDK 21.0.1
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.1::for_jdk
|
for JDK 21.0.1 | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
Oracle Java SE 8u391
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u391
|
8u391 | |
|
Oracle GraalVM for JDK 17.0.9
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.9::for_jdk
|
for JDK 17.0.9 | |
|
Oracle GraalVM Enterprise Edition 20.3.12
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:20.3.12::enterprise_edition
|
Enterprise Edition 20.3.12 | |
|
IBM App Connect Enterprise <12.0.11.2
IBM / App Connect Enterprise
|
<12.0.11.2 | ||
|
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7
IBM / Tivoli Monitoring
|
for Virtual Environments Base <7.3.7 | ||
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
HCL BigFix Compliance <2.0.11
HCL / BigFix
|
Compliance <2.0.11 | ||
|
IBM Tivoli Monitoring 6.3.0.7
IBM / Tivoli Monitoring
|
cpe:/a:ibm:tivoli_monitoring:6.3.0.7
|
6.3.0.7 | |
|
IBM MQ
IBM / MQ
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM Power Hardware Management Console v10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
v10 | |
|
IBM MQ <9.3.5.1
IBM / MQ
|
<9.3.5.1 | ||
|
Amazon Corretto <8.402.08.1
Amazon / Corretto
|
<8.402.08.1 | ||
|
IBM Tivoli Network Manager <4.2.0.19
IBM / Tivoli Network Manager
|
<4.2.0.19 | ||
|
IBM Tivoli Netcool/OMNIbus <8.1.0.32
IBM / Tivoli Netcool/OMNIbus
|
<8.1.0.32 | ||
|
IBM MQ <9.1.0.21
IBM / MQ
|
<9.1.0.21 | ||
|
IBM MQ <9.0.0.24
IBM / MQ
|
<9.0.0.24 | ||
|
IBM DB2 10.5
IBM / DB2
|
cpe:/a:ibm:db2:10.5
|
10.5 | |
|
IBM Security Guardium 10.6
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.6
|
10.6 | |
|
IBM App Connect Enterprise <=11.0.0.24
IBM / App Connect Enterprise
|
<=11.0.0.24 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2
|
8.2.2 | |
|
Broadcom Brocade SANnav
Broadcom
|
cpe:/a:broadcom:brocade_sannav:-
|
— | |
|
IBM Business Automation Workflow <21.0.3-IF031
IBM / Business Automation Workflow
|
<21.0.3-IF031 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1
|
8.2.1 | |
|
Dell NetWorker Runtime Environment <8.0.20
Dell / NetWorker
|
Runtime Environment <8.0.20 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Storage Insights
IBM
|
cpe:/a:ibm:storage_insights:-
|
— | |
|
IBM MQ <9.2.0.25
IBM / MQ
|
<9.2.0.25 | ||
|
Amazon Corretto <8.402.06.1
Amazon / Corretto
|
<8.402.06.1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM Rational Business Developer 9.6
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.6
|
9.6 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
SolarWinds Security Event Manager <2024.2
SolarWinds / Security Event Manager
|
<2024.2 | ||
|
IBM MQ <9.3.0.17
IBM / MQ
|
<9.3.0.17 | ||
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
Amazon Corretto 11.0.22.7.1
Amazon / Corretto
|
cpe:/a:amazon:corretto:11.0.22.7.1
|
11.0.22.7.1 | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer 9.7
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.7
|
9.7 | |
|
Dell NetWorker Runtime Environment (NRE) 8.0.19
Dell / NetWorker
|
cpe:/a:dell:networker:runtime_environment_8.0.19
|
Runtime Environment (NRE) 8.0.19 | |
|
Oracle Java SE 22.3.4
Oracle / Java SE
|
cpe:/a:oracle:java_se:22.3.4
|
22.3.4 | |
|
Oracle Java SE 11.0.21
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.21
|
11.0.21 | |
|
Oracle Java SE 21.3.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.3.8
|
21.3.8 | |
|
IBM InfoSphere Information Server
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
Oracle Java SE 17.0.9
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.9
|
17.0.9 | |
|
IBM VIOS 3.1
IBM / VIOS
|
cpe:/a:ibm:vios:3.1
|
3.1 | |
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
IBM Storage Scale 5.1.0.0-5.1.9.2
IBM / Storage Scale
|
cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2
|
5.1.0.0-5.1.9.2 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
IBM Java <7.1.5.21
IBM / Java
|
<7.1.5.21 | ||
|
IBM Java <8.0.8.20
IBM / Java
|
<8.0.8.20 | ||
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Kyocera Printer
Kyocera
|
cpe:/h:kyocera:printer:-
|
— | |
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM WebSphere Service Registry and Repository 8.5
IBM / WebSphere Service Registry and Repository
|
cpe:/a:ibm:websphere_service_registry_and_repository:8.5
|
8.5 | |
|
IBM DB2 11.5
IBM / DB2
|
cpe:/a:ibm:db2:11.5
|
11.5 | |
|
IBM TXSeries for multiplatforms_8.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.1
|
for multiplatforms_8.1 | |
|
IBM DB2 11.1
IBM / DB2
|
cpe:/a:ibm:db2:11.1
|
11.1 | |
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM TXSeries for multiplatforms_8.2
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.2
|
for multiplatforms_8.2 | |
|
Oracle Java SE 21.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.1
|
21.0.1 | |
|
IBM TXSeries for multiplatforms_9.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_9.1
|
for multiplatforms_9.1 | |
|
Oracle GraalVM Enterprise Edition 21.3.8
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.8::enterprise_edition
|
Enterprise Edition 21.3.8 | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
IBM Business Automation Workflow <23.0.2-IF003
IBM / Business Automation Workflow
|
<23.0.2-IF003 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM Rational Business Developer 9.1
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.1
|
9.1 | |
|
IBM InfoSphere Identity Insight 10.0.0.0
IBM / InfoSphere Identity Insight
|
cpe:/a:ibm:infosphere_identity_insight:10.0.0.0
|
10.0.0.0 | |
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Dell ECS <3.8.1.1
Dell / ECS
|
<3.8.1.1 | ||
|
Oracle GraalVM for JDK 21.0.1
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.1::for_jdk
|
for JDK 21.0.1 | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
Oracle Java SE 8u391
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u391
|
8u391 | |
|
Oracle GraalVM for JDK 17.0.9
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.9::for_jdk
|
for JDK 17.0.9 | |
|
Oracle GraalVM Enterprise Edition 20.3.12
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:20.3.12::enterprise_edition
|
Enterprise Edition 20.3.12 | |
|
IBM App Connect Enterprise <12.0.11.2
IBM / App Connect Enterprise
|
<12.0.11.2 | ||
|
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7
IBM / Tivoli Monitoring
|
for Virtual Environments Base <7.3.7 | ||
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
HCL BigFix Compliance <2.0.11
HCL / BigFix
|
Compliance <2.0.11 | ||
|
IBM Tivoli Monitoring 6.3.0.7
IBM / Tivoli Monitoring
|
cpe:/a:ibm:tivoli_monitoring:6.3.0.7
|
6.3.0.7 | |
|
IBM MQ
IBM / MQ
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM Power Hardware Management Console v10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
v10 | |
|
IBM MQ <9.3.5.1
IBM / MQ
|
<9.3.5.1 | ||
|
Amazon Corretto <8.402.08.1
Amazon / Corretto
|
<8.402.08.1 | ||
|
IBM Tivoli Network Manager <4.2.0.19
IBM / Tivoli Network Manager
|
<4.2.0.19 | ||
|
IBM Tivoli Netcool/OMNIbus <8.1.0.32
IBM / Tivoli Netcool/OMNIbus
|
<8.1.0.32 | ||
|
IBM MQ <9.1.0.21
IBM / MQ
|
<9.1.0.21 | ||
|
IBM MQ <9.0.0.24
IBM / MQ
|
<9.0.0.24 | ||
|
IBM DB2 10.5
IBM / DB2
|
cpe:/a:ibm:db2:10.5
|
10.5 | |
|
IBM Security Guardium 10.6
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.6
|
10.6 | |
|
IBM App Connect Enterprise <=11.0.0.24
IBM / App Connect Enterprise
|
<=11.0.0.24 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2
|
8.2.2 | |
|
Broadcom Brocade SANnav
Broadcom
|
cpe:/a:broadcom:brocade_sannav:-
|
— | |
|
IBM Business Automation Workflow <21.0.3-IF031
IBM / Business Automation Workflow
|
<21.0.3-IF031 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1
|
8.2.1 | |
|
Dell NetWorker Runtime Environment <8.0.20
Dell / NetWorker
|
Runtime Environment <8.0.20 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Storage Insights
IBM
|
cpe:/a:ibm:storage_insights:-
|
— | |
|
IBM MQ <9.2.0.25
IBM / MQ
|
<9.2.0.25 | ||
|
Amazon Corretto <8.402.06.1
Amazon / Corretto
|
<8.402.06.1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM Rational Business Developer 9.6
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.6
|
9.6 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
SolarWinds Security Event Manager <2024.2
SolarWinds / Security Event Manager
|
<2024.2 | ||
|
IBM MQ <9.3.0.17
IBM / MQ
|
<9.3.0.17 | ||
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
Amazon Corretto 11.0.22.7.1
Amazon / Corretto
|
cpe:/a:amazon:corretto:11.0.22.7.1
|
11.0.22.7.1 | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer 9.7
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.7
|
9.7 | |
|
Dell NetWorker Runtime Environment (NRE) 8.0.19
Dell / NetWorker
|
cpe:/a:dell:networker:runtime_environment_8.0.19
|
Runtime Environment (NRE) 8.0.19 | |
|
Oracle Java SE 22.3.4
Oracle / Java SE
|
cpe:/a:oracle:java_se:22.3.4
|
22.3.4 | |
|
Oracle Java SE 11.0.21
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.21
|
11.0.21 | |
|
Oracle Java SE 21.3.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.3.8
|
21.3.8 | |
|
IBM InfoSphere Information Server
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
Oracle Java SE 17.0.9
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.9
|
17.0.9 | |
|
IBM VIOS 3.1
IBM / VIOS
|
cpe:/a:ibm:vios:3.1
|
3.1 | |
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
IBM Storage Scale 5.1.0.0-5.1.9.2
IBM / Storage Scale
|
cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2
|
5.1.0.0-5.1.9.2 | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
IBM Java <7.1.5.21
IBM / Java
|
<7.1.5.21 | ||
|
IBM Java <8.0.8.20
IBM / Java
|
<8.0.8.20 | ||
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Kyocera Printer
Kyocera
|
cpe:/h:kyocera:printer:-
|
— | |
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM WebSphere Service Registry and Repository 8.5
IBM / WebSphere Service Registry and Repository
|
cpe:/a:ibm:websphere_service_registry_and_repository:8.5
|
8.5 | |
|
IBM DB2 11.5
IBM / DB2
|
cpe:/a:ibm:db2:11.5
|
11.5 | |
|
IBM TXSeries for multiplatforms_8.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.1
|
for multiplatforms_8.1 | |
|
IBM DB2 11.1
IBM / DB2
|
cpe:/a:ibm:db2:11.1
|
11.1 | |
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM TXSeries for multiplatforms_8.2
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_8.2
|
for multiplatforms_8.2 | |
|
Oracle Java SE 21.0.1
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.1
|
21.0.1 | |
|
IBM TXSeries for multiplatforms_9.1
IBM / TXSeries
|
cpe:/a:ibm:txseries:for_multiplatforms_9.1
|
for multiplatforms_9.1 | |
|
Oracle GraalVM Enterprise Edition 21.3.8
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.3.8::enterprise_edition
|
Enterprise Edition 21.3.8 | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
11.3 | |
|
IBM Business Automation Workflow <23.0.2-IF003
IBM / Business Automation Workflow
|
<23.0.2-IF003 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM Rational Business Developer 9.1
IBM / Rational Business Developer
|
cpe:/a:ibm:rational_business_developer:9.1
|
9.1 | |
|
IBM InfoSphere Identity Insight 10.0.0.0
IBM / InfoSphere Identity Insight
|
cpe:/a:ibm:infosphere_identity_insight:10.0.0.0
|
10.0.0.0 | |
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Dell ECS <3.8.1.1
Dell / ECS
|
<3.8.1.1 | ||
|
Oracle GraalVM for JDK 21.0.1
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:21.0.1::for_jdk
|
for JDK 21.0.1 | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
Oracle Java SE 8u391
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u391
|
8u391 | |
|
Oracle GraalVM for JDK 17.0.9
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:17.0.9::for_jdk
|
for JDK 17.0.9 | |
|
Oracle GraalVM Enterprise Edition 20.3.12
Oracle / GraalVM
|
cpe:/a:oracle:graalvm:20.3.12::enterprise_edition
|
Enterprise Edition 20.3.12 | |
|
IBM App Connect Enterprise <12.0.11.2
IBM / App Connect Enterprise
|
<12.0.11.2 | ||
|
IBM Tivoli Monitoring for Virtual Environments Base <7.3.7
IBM / Tivoli Monitoring
|
for Virtual Environments Base <7.3.7 | ||
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
HCL BigFix Compliance <2.0.11
HCL / BigFix
|
Compliance <2.0.11 | ||
|
IBM Tivoli Monitoring 6.3.0.7
IBM / Tivoli Monitoring
|
cpe:/a:ibm:tivoli_monitoring:6.3.0.7
|
6.3.0.7 | |
|
IBM MQ
IBM / MQ
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM Power Hardware Management Console v10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
v10 | |
|
IBM MQ <9.3.5.1
IBM / MQ
|
<9.3.5.1 | ||
|
Amazon Corretto <8.402.08.1
Amazon / Corretto
|
<8.402.08.1 | ||
|
IBM Tivoli Network Manager <4.2.0.19
IBM / Tivoli Network Manager
|
<4.2.0.19 | ||
|
IBM Tivoli Netcool/OMNIbus <8.1.0.32
IBM / Tivoli Netcool/OMNIbus
|
<8.1.0.32 | ||
|
IBM MQ <9.1.0.21
IBM / MQ
|
<9.1.0.21 | ||
|
IBM MQ <9.0.0.24
IBM / MQ
|
<9.0.0.24 | ||
|
IBM DB2 10.5
IBM / DB2
|
cpe:/a:ibm:db2:10.5
|
10.5 | |
|
IBM Security Guardium 10.6
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.6
|
10.6 | |
|
IBM App Connect Enterprise <=11.0.0.24
IBM / App Connect Enterprise
|
<=11.0.0.24 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Amazon Corretto <8.442.06.1
Amazon / Corretto
|
<8.442.06.1 | ||
|
Amazon Corretto <11.0.26.4.1
Amazon / Corretto
|
<11.0.26.4.1 | ||
|
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2
IBM / Security Access Manager for Enterprise Single Sign-On
|
cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2
|
8.2.2 | |
|
Broadcom Brocade SANnav
Broadcom
|
cpe:/a:broadcom:brocade_sannav:-
|
— | |
|
IBM Business Automation Workflow <21.0.3-IF031
IBM / Business Automation Workflow
|
<21.0.3-IF031 | ||
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Oracle Java SE ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0121 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0121.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0121 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0121"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2024 - Appendix Oracle Java SE vom 2024-01-16",
"url": "https://www.oracle.com/security-alerts/cpujan2024.html#AppendixJAVA"
},
{
"category": "external",
"summary": "Change Log for Amazon Corretto 8",
"url": "https://github.com/corretto/corretto-8/blob/release-8.402.06.1/CHANGELOG.md"
},
{
"category": "external",
"summary": "Change Log for Amazon Corretto 11",
"url": "https://github.com/corretto/corretto-11/blob/release-11.0.22.7.1/CHANGELOG.md"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0233 vom 2024-01-18",
"url": "https://access.redhat.com/errata/RHSA-2024:0233"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0234 vom 2024-01-17",
"url": "https://access.redhat.com/errata/RHSA-2024:0234"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0230 vom 2024-01-17",
"url": "https://access.redhat.com/errata/RHSA-2024:0230"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0244 vom 2024-01-18",
"url": "https://access.redhat.com/errata/RHSA-2024:0244"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0250 vom 2024-01-17",
"url": "https://access.redhat.com/errata/RHSA-2024:0250"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0235 vom 2024-01-18",
"url": "https://access.redhat.com/errata/RHSA-2024:0235"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0237 vom 2024-01-18",
"url": "https://access.redhat.com/errata/RHSA-2024:0237"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0239 vom 2024-01-17",
"url": "https://access.redhat.com/errata/RHSA-2024:0239"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0240 vom 2024-01-17",
"url": "https://access.redhat.com/errata/RHSA-2024:0240"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0241 vom 2024-01-17",
"url": "https://access.redhat.com/errata/RHSA-2024:0241"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0242 vom 2024-01-18",
"url": "https://access.redhat.com/errata/RHSA-2024:0242"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0246 vom 2024-01-17",
"url": "https://access.redhat.com/errata/RHSA-2024:0246"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0247 vom 2024-01-17",
"url": "https://access.redhat.com/errata/RHSA-2024:0247"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0248 vom 2024-01-18",
"url": "https://access.redhat.com/errata/RHSA-2024:0248"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0249 vom 2024-01-17",
"url": "https://access.redhat.com/errata/RHSA-2024:0249"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0265 vom 2024-01-18",
"url": "https://access.redhat.com/errata/RHSA-2024:0265"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0267 vom 2024-01-18",
"url": "https://access.redhat.com/errata/RHSA-2024:0267"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASCORRETTO8-2024-009 vom 2024-01-18",
"url": "https://alas.aws.amazon.com/AL2/ALASCORRETTO8-2024-009.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0224 vom 2024-01-18",
"url": "https://access.redhat.com/errata/RHSA-2024:0224"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0222 vom 2024-01-17",
"url": "https://access.redhat.com/errata/RHSA-2024:0222"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0223 vom 2024-01-18",
"url": "https://access.redhat.com/errata/RHSA-2024:0223"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0225 vom 2024-01-17",
"url": "https://access.redhat.com/errata/RHSA-2024:0225"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0226 vom 2024-01-18",
"url": "https://access.redhat.com/errata/RHSA-2024:0226"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0228 vom 2024-01-18",
"url": "https://access.redhat.com/errata/RHSA-2024:0228"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0231 vom 2024-01-17",
"url": "https://access.redhat.com/errata/RHSA-2024:0231"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0232 vom 2024-01-18",
"url": "https://access.redhat.com/errata/RHSA-2024:0232"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0232 vom 2024-01-18",
"url": "https://linux.oracle.com/errata/ELSA-2024-0232.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0223 vom 2024-01-18",
"url": "https://linux.oracle.com/errata/ELSA-2024-0223.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2415 vom 2024-01-19",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2415.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0266 vom 2024-01-19",
"url": "https://access.redhat.com/errata/RHSA-2024:0266"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2414 vom 2024-01-19",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2414.html"
},
{
"category": "external",
"summary": "Change Log for Amazon Corretto 8 vom 2024-01-19",
"url": "https://github.com/corretto/corretto-8/blob/release-8.402.08.1/CHANGELOG.md"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0249 vom 2024-01-20",
"url": "https://linux.oracle.com/errata/ELSA-2024-0249.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0248 vom 2024-01-20",
"url": "https://linux.oracle.com/errata/ELSA-2024-0248.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0267 vom 2024-01-23",
"url": "https://linux.oracle.com/errata/ELSA-2024-0267.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5604 vom 2024-01-23",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00011.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0266 vom 2024-01-23",
"url": "https://linux.oracle.com/errata/ELSA-2024-0266.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASCORRETTO8-2024-010 vom 2024-01-24",
"url": "https://alas.aws.amazon.com/AL2/ALASCORRETTO8-2024-010.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0203-1 vom 2024-01-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017755.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0265 vom 2024-01-25",
"url": "http://linux.oracle.com/errata/ELSA-2024-0265.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2024:0223 vom 2024-01-26",
"url": "https://lists.centos.org/pipermail/centos-announce/2024-January/099218.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2024:0232 vom 2024-01-26",
"url": "https://lists.centos.org/pipermail/centos-announce/2024-January/099219.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3728 vom 2024-01-31",
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5613 vom 2024-02-02",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00020.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0321-1 vom 2024-02-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017851.html"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2024-110 vom 2024-02-06",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-110/index.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0325-1 vom 2024-02-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017858.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2438 vom 2024-02-06",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2438.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASJAVA-OPENJDK11-2024-007 vom 2024-02-06",
"url": "https://alas.aws.amazon.com/AL2/ALASJAVA-OPENJDK11-2024-007.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7116432 vom 2024-02-09",
"url": "https://www.ibm.com/support/pages/node/7116432"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7117872 vom 2024-02-15",
"url": "https://www.ibm.com/support/pages/node/7117872"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0479-1 vom 2024-02-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017941.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6661-1 vom 2024-02-27",
"url": "https://ubuntu.com/security/notices/USN-6661-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0619-1 vom 2024-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/018007.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7123938 vom 2024-02-26",
"url": "https://www.ibm.com/support/pages/node/7123938"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6662-1 vom 2024-02-27",
"url": "https://ubuntu.com/security/notices/USN-6662-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6660-1 vom 2024-02-27",
"url": "https://ubuntu.com/security/notices/USN-6660-1"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7124105 vom 2024-02-27",
"url": "https://www.ibm.com/support/pages/node/7124105"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7129821 vom 2024-03-04",
"url": "https://www.ibm.com/support/pages/node/7129821"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7130904 vom 2024-03-08",
"url": "https://www.ibm.com/support/pages/node/7130904"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0804-1 vom 2024-03-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018109.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7130999 vom 2024-03-08",
"url": "https://www.ibm.com/support/pages/node/7130999"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7134446 vom 2024-03-11",
"url": "https://www.ibm.com/support/pages/node/7134446"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7131057 vom 2024-03-08",
"url": "https://www.ibm.com/support/pages/node/7131057"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-126 vom 2024-03-12",
"url": "https://www.dell.com/support/kbdoc/000222962/dsa-2023-="
},
{
"category": "external",
"summary": "IBM Security Bulletin 7131804 vom 2024-03-11",
"url": "https://www.ibm.com/support/pages/node/7131804"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0847-1 vom 2024-03-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018149.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7140420 vom 2024-03-13",
"url": "https://www.ibm.com/support/pages/node/7140420"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-126 vom 2024-03-13",
"url": "https://www.dell.com/support/kbdoc/de-de/000222962/dsa-2023-126-security-update-for-dell-networker-runtime-environment-nre-oracle-java-se-vulnerabilities"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6696-1 vom 2024-03-18",
"url": "https://ubuntu.com/security/notices/USN-6696-1"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12225 vom 2024-03-19",
"url": "https://linux.oracle.com/errata/ELSA-2024-12225.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7144952 vom 2024-03-21",
"url": "https://www.ibm.com/support/pages/node/7144952"
},
{
"category": "external",
"summary": "IBM Security Bulletin",
"url": "https://www.ibm.com/support/pages/node/7145213"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7145183 vom 2024-03-25",
"url": "https://www.ibm.com/support/pages/node/7145183"
},
{
"category": "external",
"summary": "IBM Security Bulletin",
"url": "https://www.ibm.com/support/pages/node/7145161"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7145672 vom 2024-04-02",
"url": "https://www.ibm.com/support/pages/node/7145672"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7146478 vom 2024-04-04",
"url": "https://www.ibm.com/support/pages/node/7146478"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7148365 vom 2024-04-16",
"url": "https://www.ibm.com/support/pages/node/7148365"
},
{
"category": "external",
"summary": "SEM 2024.2 release notes vom 2024-04-17",
"url": "https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2024-2_release_notes.htm"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7149586 vom 2024-04-26",
"url": "https://www.ibm.com/support/pages/node/7149586"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7149581 vom 2024-04-26",
"url": "https://www.ibm.com/support/pages/node/7149581"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7149707 vom 2024-04-29",
"url": "https://www.ibm.com/support/pages/node/7149707"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7149801 vom 2024-04-30",
"url": "https://www.ibm.com/support/pages/node/7149801"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7149991 vom 2024-05-01",
"url": "https://www.ibm.com/support/pages/node/7149991"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7150063 vom 2024-05-02",
"url": "https://www.ibm.com/support/pages/node/7150063"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-198 vom 2024-05-08",
"url": "https://www.dell.com/support/kbdoc/000224827/dsa-2024-="
},
{
"category": "external",
"summary": "IBM Security Bulletin 7150594 vom 2024-05-09",
"url": "https://www.ibm.com/support/pages/node/7150594"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7150660 vom 2024-05-09",
"url": "https://www.ibm.com/support/pages/node/7150660"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7152890 vom 2024-05-16",
"url": "https://www.ibm.com/support/pages/node/7152890"
},
{
"category": "external",
"summary": "Brocade Security Advisory BSA-2024-2487 vom 2024-05-24",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24356"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7156536 vom 2024-06-19",
"url": "https://www.ibm.com/support/pages/node/7156536"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7158490 vom 2024-06-23",
"url": "https://www.ibm.com/support/pages/node/7158490"
},
{
"category": "external",
"summary": "HCL Security Bulletin vom 2024-07-15",
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0114705"
},
{
"category": "external",
"summary": "HCL Security Bulletin vom 2024-07-16",
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0113893"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-239 vom 2024-07-18",
"url": "https://www.dell.com/support/kbdoc/de-de/000227051/dsa-2024-239-security-update-dell-ecs-3-8-1-1-for-multiple-security-vulnerabilities"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7096-1 vom 2024-11-11",
"url": "https://ubuntu.com/security/notices/USN-7096-1"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202412-07 vom 2024-12-07",
"url": "https://security.gentoo.org/glsa/202412-07"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7180128 vom 2025-01-02",
"url": "https://www.ibm.com/support/pages/node/7180128"
},
{
"category": "external",
"summary": "Change Log for Amazon Corretto 8 vom 2025-01-21",
"url": "https://github.com/corretto/corretto-8/blob/14eb6b297ac476ca5734706b40903e5a69ecd74a/CHANGELOG.md"
},
{
"category": "external",
"summary": "Change Log for Amazon Corretto 11 vom 2025-01-21",
"url": "https://github.com/corretto/corretto-11/blob/ece67a968d57210c69d3b9153576613846c1cacf/CHANGELOG.md"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7096-2 vom 2025-02-05",
"url": "https://ubuntu.com/security/notices/USN-7096-2"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:0066-1 vom 2025-02-18",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/GS63GCBRVH7N4JEIZNQAPVFNNVB2OGSU/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:0067-1 vom 2025-02-20",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/XA5CCGSPUXUTQHDG25O5DM4G37BLRUMN/"
},
{
"category": "external",
"summary": "Kyocera Downloads",
"url": "https://www.kyoceradocumentsolutions.us/en/support/downloads.name-L3VzL2VuL3NvZnR3YXJlL0tZT0NFUkFERVZJQ0VNQU5BR0VS.html#tab=application"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7246099 vom 2025-09-29",
"url": "https://www.ibm.com/support/pages/node/7246099"
}
],
"source_lang": "en-US",
"title": "Oracle Java SE: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-09-29T22:00:00.000+00:00",
"generator": {
"date": "2025-09-30T09:21:25.238+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2024-0121",
"initial_release_date": "2024-01-16T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-01-16T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-01-17T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat und Amazon aufgenommen"
},
{
"date": "2024-01-18T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Amazon und Red Hat aufgenommen"
},
{
"date": "2024-01-21T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-01-22T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-01-23T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Debian und Oracle Linux aufgenommen"
},
{
"date": "2024-01-24T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Amazon, SUSE und Oracle Linux aufgenommen"
},
{
"date": "2024-01-28T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von CentOS aufgenommen"
},
{
"date": "2024-01-31T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2024-02-01T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2024-02-04T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-02-05T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von HITACHI, SUSE und Amazon aufgenommen"
},
{
"date": "2024-02-11T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-02-14T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-02-15T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-02-26T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Ubuntu, SUSE und IBM aufgenommen"
},
{
"date": "2024-02-27T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-03-04T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-03-07T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von IBM und SUSE aufgenommen"
},
{
"date": "2024-03-10T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-03-11T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Dell und IBM aufgenommen"
},
{
"date": "2024-03-12T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-03-13T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-03-14T23:00:00.000+00:00",
"number": "24",
"summary": "CPE Dell korrigiert"
},
{
"date": "2024-03-17T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-03-19T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-03-21T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-03-25T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-04-01T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-04-04T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-04-16T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-04-28T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-04-29T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-01T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-02T22:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-07T22:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-05-09T22:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-16T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-23T22:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von BROCADE aufgenommen"
},
{
"date": "2024-06-19T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-06-23T22:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-07-15T22:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von HCL aufgenommen"
},
{
"date": "2024-07-18T22:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-11-10T23:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-12-08T23:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2025-01-02T23:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-01-21T23:00:00.000+00:00",
"number": "47",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-02-04T23:00:00.000+00:00",
"number": "48",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-02-18T23:00:00.000+00:00",
"number": "49",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-02-19T23:00:00.000+00:00",
"number": "50",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-04-29T22:00:00.000+00:00",
"number": "51",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-09-29T22:00:00.000+00:00",
"number": "52",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "52"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "11.0.22.7.1",
"product": {
"name": "Amazon Corretto 11.0.22.7.1",
"product_id": "T032180",
"product_identification_helper": {
"cpe": "cpe:/a:amazon:corretto:11.0.22.7.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.402.06.1",
"product": {
"name": "Amazon Corretto \u003c8.402.06.1",
"product_id": "T032183"
}
},
{
"category": "product_version",
"name": "8.402.06.1",
"product": {
"name": "Amazon Corretto 8.402.06.1",
"product_id": "T032183-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:amazon:corretto:8.402.06.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.402.08.1",
"product": {
"name": "Amazon Corretto \u003c8.402.08.1",
"product_id": "T032256"
}
},
{
"category": "product_version",
"name": "8.402.08.1",
"product": {
"name": "Amazon Corretto 8.402.08.1",
"product_id": "T032256-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:amazon:corretto:8.402.08.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.26.4.1",
"product": {
"name": "Amazon Corretto \u003c11.0.26.4.1",
"product_id": "T040500"
}
},
{
"category": "product_version",
"name": "11.0.26.4.1",
"product": {
"name": "Amazon Corretto 11.0.26.4.1",
"product_id": "T040500-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:amazon:corretto:11.0.26.4.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.442.06.1",
"product": {
"name": "Amazon Corretto \u003c8.442.06.1",
"product_id": "T040501"
}
},
{
"category": "product_version",
"name": "8.442.06.1",
"product": {
"name": "Amazon Corretto 8.442.06.1",
"product_id": "T040501-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:amazon:corretto:8.442.06.1"
}
}
}
],
"category": "product_name",
"name": "Corretto"
},
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Broadcom Brocade SANnav",
"product": {
"name": "Broadcom Brocade SANnav",
"product_id": "T022212",
"product_identification_helper": {
"cpe": "cpe:/a:broadcom:brocade_sannav:-"
}
}
}
],
"category": "vendor",
"name": "Broadcom"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c3.8.1.1",
"product": {
"name": "Dell ECS \u003c3.8.1.1",
"product_id": "T036366"
}
},
{
"category": "product_version",
"name": "3.8.1.1",
"product": {
"name": "Dell ECS 3.8.1.1",
"product_id": "T036366-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:dell:ecs:3.8.1.1"
}
}
}
],
"category": "product_name",
"name": "ECS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Runtime Environment \u003c8.0.20",
"product": {
"name": "Dell NetWorker Runtime Environment \u003c8.0.20",
"product_id": "T033356"
}
},
{
"category": "product_version",
"name": "Runtime Environment 8.0.20",
"product": {
"name": "Dell NetWorker Runtime Environment 8.0.20",
"product_id": "T033356-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:runtime_environment__8.0.20"
}
}
},
{
"category": "product_version",
"name": "Runtime Environment (NRE) 8.0.19",
"product": {
"name": "Dell NetWorker Runtime Environment (NRE) 8.0.19",
"product_id": "T033508",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:runtime_environment_8.0.19"
}
}
},
{
"category": "product_version",
"name": "virtual",
"product": {
"name": "Dell NetWorker virtual",
"product_id": "T034583",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:virtual"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "EMC Avamar",
"product": {
"name": "EMC Avamar",
"product_id": "T014381",
"product_identification_helper": {
"cpe": "cpe:/a:emc:avamar:-"
}
}
}
],
"category": "vendor",
"name": "EMC"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Compliance \u003c2.0.11",
"product": {
"name": "HCL BigFix Compliance \u003c2.0.11",
"product_id": "T035828"
}
},
{
"category": "product_version",
"name": "Compliance 2.0.11",
"product": {
"name": "HCL BigFix Compliance 2.0.11",
"product_id": "T035828-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hcltech:bigfix:compliance__2.0.11"
}
}
}
],
"category": "product_name",
"name": "BigFix"
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Command Suite",
"product": {
"name": "Hitachi Command Suite",
"product_id": "T010951",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:command_suite:-"
}
}
},
{
"category": "product_name",
"name": "Hitachi Configuration Manager",
"product": {
"name": "Hitachi Configuration Manager",
"product_id": "T020304",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:configuration_manager:-"
}
}
},
{
"category": "product_name",
"name": "Hitachi Ops Center",
"product": {
"name": "Hitachi Ops Center",
"product_id": "T017562",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:-"
}
}
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.3",
"product": {
"name": "IBM AIX 7.3",
"product_id": "1139691",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.3"
}
}
},
{
"category": "product_version",
"name": "7.2",
"product": {
"name": "IBM AIX 7.2",
"product_id": "434967",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.2"
}
}
}
],
"category": "product_name",
"name": "AIX"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=11.0.0.24",
"product": {
"name": "IBM App Connect Enterprise \u003c=11.0.0.24",
"product_id": "T032252"
}
},
{
"category": "product_version_range",
"name": "\u003c=11.0.0.24",
"product": {
"name": "IBM App Connect Enterprise \u003c=11.0.0.24",
"product_id": "T032252-fixed"
}
},
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T032495",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c12.0.11.2",
"product": {
"name": "IBM App Connect Enterprise \u003c12.0.11.2",
"product_id": "T033331"
}
},
{
"category": "product_version",
"name": "12.0.11.2",
"product": {
"name": "IBM App Connect Enterprise 12.0.11.2",
"product_id": "T033331-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:12.0.11.2"
}
}
}
],
"category": "product_name",
"name": "App Connect Enterprise"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c23.0.2-IF003",
"product": {
"name": "IBM Business Automation Workflow \u003c23.0.2-IF003",
"product_id": "T033813"
}
},
{
"category": "product_version",
"name": "23.0.2-IF003",
"product": {
"name": "IBM Business Automation Workflow 23.0.2-IF003",
"product_id": "T033813-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:23.0.2:if003"
}
}
},
{
"category": "product_version_range",
"name": "\u003c21.0.3-IF031",
"product": {
"name": "IBM Business Automation Workflow \u003c21.0.3-IF031",
"product_id": "T033816"
}
},
{
"category": "product_version",
"name": "21.0.3-IF031",
"product": {
"name": "IBM Business Automation Workflow 21.0.3-IF031",
"product_id": "T033816-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:21.0.3:if031"
}
}
}
],
"category": "product_name",
"name": "Business Automation Workflow"
},
{
"branches": [
{
"category": "product_version",
"name": "11.5",
"product": {
"name": "IBM DB2 11.5",
"product_id": "T033138",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:11.5"
}
}
},
{
"category": "product_version",
"name": "11.1",
"product": {
"name": "IBM DB2 11.1",
"product_id": "T033139",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:11.1"
}
}
},
{
"category": "product_version",
"name": "10.5",
"product": {
"name": "IBM DB2 10.5",
"product_id": "T033140",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:10.5"
}
}
}
],
"category": "product_name",
"name": "DB2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.5.4",
"product": {
"name": "IBM DataPower Gateway \u003c10.5.4",
"product_id": "T033810"
}
},
{
"category": "product_version",
"name": "10.5.4",
"product": {
"name": "IBM DataPower Gateway 10.5.4",
"product_id": "T033810-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.5.0.10",
"product": {
"name": "IBM DataPower Gateway \u003c10.5.0.10",
"product_id": "T033811"
}
},
{
"category": "product_version",
"name": "10.5.0.10",
"product": {
"name": "IBM DataPower Gateway 10.5.0.10",
"product_id": "T033811-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.1.18",
"product": {
"name": "IBM DataPower Gateway \u003c10.0.1.18",
"product_id": "T033812"
}
},
{
"category": "product_version",
"name": "10.0.1.18",
"product": {
"name": "IBM DataPower Gateway 10.0.1.18",
"product_id": "T033812-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.0.1.18"
}
}
}
],
"category": "product_name",
"name": "DataPower Gateway"
},
{
"category": "product_name",
"name": "IBM FlashSystem",
"product": {
"name": "IBM FlashSystem",
"product_id": "T025159",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:flashsystem:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "10.0.0.0",
"product": {
"name": "IBM InfoSphere Identity Insight 10.0.0.0",
"product_id": "T033658",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_identity_insight:10.0.0.0"
}
}
}
],
"category": "product_name",
"name": "InfoSphere Identity Insight"
},
{
"branches": [
{
"category": "product_version",
"name": "11.7",
"product": {
"name": "IBM InfoSphere Information Server 11.7",
"product_id": "444803",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:11.7"
}
}
},
{
"category": "product_name",
"name": "IBM InfoSphere Information Server",
"product": {
"name": "IBM InfoSphere Information Server",
"product_id": "T035705",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:-"
}
}
}
],
"category": "product_name",
"name": "InfoSphere Information Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=10.1.0.3",
"product": {
"name": "IBM Integration Bus \u003c=10.1.0.3",
"product_id": "T033332"
}
},
{
"category": "product_version_range",
"name": "\u003c=10.1.0.3",
"product": {
"name": "IBM Integration Bus \u003c=10.1.0.3",
"product_id": "T033332-fixed"
}
}
],
"category": "product_name",
"name": "Integration Bus"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.1.5.21",
"product": {
"name": "IBM Java \u003c7.1.5.21",
"product_id": "T032672"
}
},
{
"category": "product_version",
"name": "7.1.5.21",
"product": {
"name": "IBM Java 7.1.5.21",
"product_id": "T032672-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:jre:7.1.5.21"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.0.8.20",
"product": {
"name": "IBM Java \u003c8.0.8.20",
"product_id": "T032673"
}
},
{
"category": "product_version",
"name": "8.0.8.20",
"product": {
"name": "IBM Java 8.0.8.20",
"product_id": "T032673-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:jre:8.0.8.20"
}
}
}
],
"category": "product_name",
"name": "Java"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM MQ",
"product": {
"name": "IBM MQ",
"product_id": "T021398",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.3.5.1",
"product": {
"name": "IBM MQ \u003c9.3.5.1",
"product_id": "T034437"
}
},
{
"category": "product_version",
"name": "9.3.5.1",
"product": {
"name": "IBM MQ 9.3.5.1",
"product_id": "T034437-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.3.5.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.0.0.24",
"product": {
"name": "IBM MQ \u003c9.0.0.24",
"product_id": "T034438"
}
},
{
"category": "product_version",
"name": "9.0.0.24",
"product": {
"name": "IBM MQ 9.0.0.24",
"product_id": "T034438-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.0.0.24"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.1.0.21",
"product": {
"name": "IBM MQ \u003c9.1.0.21",
"product_id": "T034439"
}
},
{
"category": "product_version",
"name": "9.1.0.21",
"product": {
"name": "IBM MQ 9.1.0.21",
"product_id": "T034439-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.1.0.21"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.0.25",
"product": {
"name": "IBM MQ \u003c9.2.0.25",
"product_id": "T034440"
}
},
{
"category": "product_version",
"name": "9.2.0.25",
"product": {
"name": "IBM MQ 9.2.0.25",
"product_id": "T034440-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.2.0.25"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.3.0.17",
"product": {
"name": "IBM MQ \u003c9.3.0.17",
"product_id": "T034441"
}
},
{
"category": "product_version",
"name": "9.3.0.17",
"product": {
"name": "IBM MQ 9.3.0.17",
"product_id": "T034441-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.3.0.17"
}
}
}
],
"category": "product_name",
"name": "MQ"
},
{
"branches": [
{
"category": "product_version",
"name": "v10",
"product": {
"name": "IBM Power Hardware Management Console v10",
"product_id": "T023373",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:v10"
}
}
}
],
"category": "product_name",
"name": "Power Hardware Management Console"
},
{
"branches": [
{
"category": "product_version",
"name": "7.5",
"product": {
"name": "IBM QRadar SIEM 7.5",
"product_id": "T022954",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
},
{
"branches": [
{
"category": "product_version",
"name": "9.1",
"product": {
"name": "IBM Rational Business Developer 9.1",
"product_id": "T006712",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_business_developer:9.1"
}
}
},
{
"category": "product_version",
"name": "9.6",
"product": {
"name": "IBM Rational Business Developer 9.6",
"product_id": "T023629",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_business_developer:9.6"
}
}
},
{
"category": "product_version",
"name": "9.7",
"product": {
"name": "IBM Rational Business Developer 9.7",
"product_id": "T023630",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_business_developer:9.7"
}
}
}
],
"category": "product_name",
"name": "Rational Business Developer"
},
{
"category": "product_name",
"name": "IBM SAN Volume Controller",
"product": {
"name": "IBM SAN Volume Controller",
"product_id": "T020642",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:san_volume_controller:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "8.2.1",
"product": {
"name": "IBM Security Access Manager for Enterprise Single Sign-On 8.2.1",
"product_id": "T005246",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.1"
}
}
},
{
"category": "product_version",
"name": "8.2.2",
"product": {
"name": "IBM Security Access Manager for Enterprise Single Sign-On 8.2.2",
"product_id": "T007073",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_access_manager_for_enterprise_single_sign_on:8.2.2"
}
}
}
],
"category": "product_name",
"name": "Security Access Manager for Enterprise Single Sign-On"
},
{
"branches": [
{
"category": "product_version",
"name": "11.3",
"product": {
"name": "IBM Security Guardium 11.3",
"product_id": "1048943",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:11.3"
}
}
},
{
"category": "product_version",
"name": "10.6",
"product": {
"name": "IBM Security Guardium 10.6",
"product_id": "410913",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:10.6"
}
}
}
],
"category": "product_name",
"name": "Security Guardium"
},
{
"category": "product_name",
"name": "IBM Storage Insights",
"product": {
"name": "IBM Storage Insights",
"product_id": "T035615",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:storage_insights:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "5.1.0.0-5.1.9.2",
"product": {
"name": "IBM Storage Scale 5.1.0.0-5.1.9.2",
"product_id": "T034450",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_scale:5.1.0.0_-_5.1.9.2"
}
}
}
],
"category": "product_name",
"name": "Storage Scale"
},
{
"category": "product_name",
"name": "IBM Storwize",
"product": {
"name": "IBM Storwize",
"product_id": "T021621",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:storwize:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "for multiplatforms_9.1",
"product": {
"name": "IBM TXSeries for multiplatforms_9.1",
"product_id": "T015903",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:txseries:for_multiplatforms_9.1"
}
}
},
{
"category": "product_version",
"name": "for multiplatforms_8.2",
"product": {
"name": "IBM TXSeries for multiplatforms_8.2",
"product_id": "T015904",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:txseries:for_multiplatforms_8.2"
}
}
},
{
"category": "product_version",
"name": "for multiplatforms_8.1",
"product": {
"name": "IBM TXSeries for multiplatforms_8.1",
"product_id": "T015905",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:txseries:for_multiplatforms_8.1"
}
}
}
],
"category": "product_name",
"name": "TXSeries"
},
{
"category": "product_name",
"name": "IBM Tivoli Key Lifecycle Manager",
"product": {
"name": "IBM Tivoli Key Lifecycle Manager",
"product_id": "T026238",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_key_lifecycle_manager:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "6.3.0.7",
"product": {
"name": "IBM Tivoli Monitoring 6.3.0.7",
"product_id": "342008",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_monitoring:6.3.0.7"
}
}
},
{
"category": "product_version_range",
"name": "for Virtual Environments Base \u003c7.3.7",
"product": {
"name": "IBM Tivoli Monitoring for Virtual Environments Base \u003c7.3.7",
"product_id": "T039990"
}
},
{
"category": "product_version",
"name": "for Virtual Environments Base 7.3.7",
"product": {
"name": "IBM Tivoli Monitoring for Virtual Environments Base 7.3.7",
"product_id": "T039990-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_monitoring:7.3.7::for_virtual_environments_base"
}
}
}
],
"category": "product_name",
"name": "Tivoli Monitoring"
},
{
"branches": [
{
"category": "product_version",
"name": "8.1.0",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus 8.1.0",
"product_id": "700367",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Netcool/OMNIbus",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus",
"product_id": "T004181",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.1.0.32",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus \u003c8.1.0.32",
"product_id": "T034518"
}
},
{
"category": "product_version",
"name": "8.1.0.32",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus 8.1.0.32",
"product_id": "T034518-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0.32"
}
}
}
],
"category": "product_name",
"name": "Tivoli Netcool/OMNIbus"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.2.0.19",
"product": {
"name": "IBM Tivoli Network Manager \u003c4.2.0.19",
"product_id": "T033620"
}
},
{
"category": "product_version",
"name": "4.2.0.19",
"product": {
"name": "IBM Tivoli Network Manager 4.2.0.19",
"product_id": "T033620-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:4.2.0.19"
}
}
}
],
"category": "product_name",
"name": "Tivoli Network Manager"
},
{
"branches": [
{
"category": "product_version",
"name": "3.1",
"product": {
"name": "IBM VIOS 3.1",
"product_id": "1039165",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:vios:3.1"
}
}
},
{
"category": "product_version",
"name": "4.1",
"product": {
"name": "IBM VIOS 4.1",
"product_id": "1522854",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:vios:4.1"
}
}
}
],
"category": "product_name",
"name": "VIOS"
},
{
"branches": [
{
"category": "product_version",
"name": "8.5",
"product": {
"name": "IBM WebSphere Application Server 8.5",
"product_id": "703851",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_application_server:8.5"
}
}
},
{
"category": "product_version",
"name": "9",
"product": {
"name": "IBM WebSphere Application Server 9.0",
"product_id": "703852",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_application_server:9.0"
}
}
}
],
"category": "product_name",
"name": "WebSphere Application Server"
},
{
"branches": [
{
"category": "product_version",
"name": "8.5",
"product": {
"name": "IBM WebSphere Service Registry and Repository 8.5",
"product_id": "306235",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_service_registry_and_repository:8.5"
}
}
}
],
"category": "product_name",
"name": "WebSphere Service Registry and Repository"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Kyocera Printer",
"product": {
"name": "Kyocera Printer",
"product_id": "T015471",
"product_identification_helper": {
"cpe": "cpe:/h:kyocera:printer:-"
}
}
}
],
"category": "vendor",
"name": "Kyocera"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "for JDK 21.0.1",
"product": {
"name": "Oracle GraalVM for JDK 21.0.1",
"product_id": "T032163",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:graalvm:21.0.1::for_jdk"
}
}
},
{
"category": "product_version",
"name": "for JDK 17.0.9",
"product": {
"name": "Oracle GraalVM for JDK 17.0.9",
"product_id": "T032164",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:graalvm:17.0.9::for_jdk"
}
}
},
{
"category": "product_version",
"name": "Enterprise Edition 20.3.12",
"product": {
"name": "Oracle GraalVM Enterprise Edition 20.3.12",
"product_id": "T032165",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:graalvm:20.3.12::enterprise_edition"
}
}
},
{
"category": "product_version",
"name": "Enterprise Edition 21.3.8",
"product": {
"name": "Oracle GraalVM Enterprise Edition 21.3.8",
"product_id": "T032169",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:graalvm:21.3.8::enterprise_edition"
}
}
}
],
"category": "product_name",
"name": "GraalVM"
},
{
"branches": [
{
"category": "product_version",
"name": "21.3.8",
"product": {
"name": "Oracle Java SE 21.3.8",
"product_id": "T032114",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:21.3.8"
}
}
},
{
"category": "product_version",
"name": "22.3.4",
"product": {
"name": "Oracle Java SE 22.3.4",
"product_id": "T032115",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:22.3.4"
}
}
},
{
"category": "product_version",
"name": "11.0.21",
"product": {
"name": "Oracle Java SE 11.0.21",
"product_id": "T032116",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:11.0.21"
}
}
},
{
"category": "product_version",
"name": "17.0.9",
"product": {
"name": "Oracle Java SE 17.0.9",
"product_id": "T032117",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:17.0.9"
}
}
},
{
"category": "product_version",
"name": "8u391",
"product": {
"name": "Oracle Java SE 8u391",
"product_id": "T032167",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:8u391"
}
}
},
{
"category": "product_version",
"name": "21.0.1",
"product": {
"name": "Oracle Java SE 21.0.1",
"product_id": "T032168",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:21.0.1"
}
}
}
],
"category": "product_name",
"name": "Java SE"
},
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2024.2",
"product": {
"name": "SolarWinds Security Event Manager \u003c2024.2",
"product_id": "T034244"
}
},
{
"category": "product_version",
"name": "2024.2",
"product": {
"name": "SolarWinds Security Event Manager 2024.2",
"product_id": "T034244-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:solarwinds:security_event_manager:2024.2"
}
}
}
],
"category": "product_name",
"name": "Security Event Manager"
}
],
"category": "vendor",
"name": "SolarWinds"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44487",
"product_status": {
"known_affected": [
"T005246",
"T033356",
"T010951",
"T035615",
"T034440",
"T032183",
"T004914",
"703851",
"T023629",
"703852",
"T034244",
"T034441",
"1139691",
"T020642",
"T032180",
"398363",
"T023630",
"T033508",
"T032115",
"T032116",
"T032114",
"T035705",
"434967",
"T032117",
"1039165",
"1522854",
"T034450",
"T012167",
"T032672",
"T032673",
"T017562",
"T022954",
"T015471",
"T021621",
"T014381",
"2951",
"T002207",
"444803",
"T027843",
"T004181",
"T026238",
"306235",
"T033138",
"T015905",
"T033139",
"T033810",
"T015904",
"T032168",
"T015903",
"T032169",
"1048943",
"T033813",
"67646",
"T033811",
"T006712",
"T033658",
"T033812",
"700367",
"T034583",
"T036366",
"T032163",
"T033332",
"T032167",
"T032164",
"T032165",
"T033331",
"T039990",
"T020304",
"T025159",
"T035828",
"342008",
"T021398",
"T023373",
"T034437",
"T032256",
"T033620",
"T034518",
"T034439",
"T034438",
"T033140",
"410913",
"T032252",
"T032495",
"T000126",
"T040501",
"T040500",
"T007073",
"T022212",
"T033816",
"1727"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-5072",
"product_status": {
"known_affected": [
"T005246",
"T033356",
"T010951",
"T035615",
"T034440",
"T032183",
"T004914",
"703851",
"T023629",
"703852",
"T034244",
"T034441",
"1139691",
"T020642",
"T032180",
"398363",
"T023630",
"T033508",
"T032115",
"T032116",
"T032114",
"T035705",
"434967",
"T032117",
"1039165",
"1522854",
"T034450",
"T012167",
"T032672",
"T032673",
"T017562",
"T022954",
"T015471",
"T021621",
"T014381",
"2951",
"T002207",
"444803",
"T027843",
"T004181",
"T026238",
"306235",
"T033138",
"T015905",
"T033139",
"T033810",
"T015904",
"T032168",
"T015903",
"T032169",
"1048943",
"T033813",
"67646",
"T033811",
"T006712",
"T033658",
"T033812",
"700367",
"T034583",
"T036366",
"T032163",
"T033332",
"T032167",
"T032164",
"T032165",
"T033331",
"T039990",
"T020304",
"T025159",
"T035828",
"342008",
"T021398",
"T023373",
"T034437",
"T032256",
"T033620",
"T034518",
"T034439",
"T034438",
"T033140",
"410913",
"T032252",
"T032495",
"T000126",
"T040501",
"T040500",
"T007073",
"T022212",
"T033816",
"1727"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-5072"
},
{
"cve": "CVE-2024-20918",
"product_status": {
"known_affected": [
"T005246",
"T033356",
"T010951",
"T035615",
"T034440",
"T032183",
"T004914",
"703851",
"T023629",
"703852",
"T034244",
"T034441",
"1139691",
"T020642",
"T032180",
"398363",
"T023630",
"T033508",
"T032115",
"T032116",
"T032114",
"T035705",
"434967",
"T032117",
"1039165",
"1522854",
"T034450",
"T012167",
"T032672",
"T032673",
"T017562",
"T022954",
"T015471",
"T021621",
"T014381",
"2951",
"T002207",
"444803",
"T027843",
"T004181",
"T026238",
"306235",
"T033138",
"T015905",
"T033139",
"T033810",
"T015904",
"T032168",
"T015903",
"T032169",
"1048943",
"T033813",
"67646",
"T033811",
"T006712",
"T033658",
"T033812",
"700367",
"T034583",
"T036366",
"T032163",
"T033332",
"T032167",
"T032164",
"T032165",
"T033331",
"T039990",
"T020304",
"T025159",
"T035828",
"342008",
"T021398",
"T023373",
"T034437",
"T032256",
"T033620",
"T034518",
"T034439",
"T034438",
"T033140",
"410913",
"T032252",
"T032495",
"T000126",
"T040501",
"T040500",
"T007073",
"T022212",
"T033816",
"1727"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20918"
},
{
"cve": "CVE-2024-20919",
"product_status": {
"known_affected": [
"T005246",
"T033356",
"T010951",
"T035615",
"T034440",
"T032183",
"T004914",
"703851",
"T023629",
"703852",
"T034244",
"T034441",
"1139691",
"T020642",
"T032180",
"398363",
"T023630",
"T033508",
"T032115",
"T032116",
"T032114",
"T035705",
"434967",
"T032117",
"1039165",
"1522854",
"T034450",
"T012167",
"T032672",
"T032673",
"T017562",
"T022954",
"T015471",
"T021621",
"T014381",
"2951",
"T002207",
"444803",
"T027843",
"T004181",
"T026238",
"306235",
"T033138",
"T015905",
"T033139",
"T033810",
"T015904",
"T032168",
"T015903",
"T032169",
"1048943",
"T033813",
"67646",
"T033811",
"T006712",
"T033658",
"T033812",
"700367",
"T034583",
"T036366",
"T032163",
"T033332",
"T032167",
"T032164",
"T032165",
"T033331",
"T039990",
"T020304",
"T025159",
"T035828",
"342008",
"T021398",
"T023373",
"T034437",
"T032256",
"T033620",
"T034518",
"T034439",
"T034438",
"T033140",
"410913",
"T032252",
"T032495",
"T000126",
"T040501",
"T040500",
"T007073",
"T022212",
"T033816",
"1727"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20919"
},
{
"cve": "CVE-2024-20921",
"product_status": {
"known_affected": [
"T005246",
"T033356",
"T010951",
"T035615",
"T034440",
"T032183",
"T004914",
"703851",
"T023629",
"703852",
"T034244",
"T034441",
"1139691",
"T020642",
"T032180",
"398363",
"T023630",
"T033508",
"T032115",
"T032116",
"T032114",
"T035705",
"434967",
"T032117",
"1039165",
"1522854",
"T034450",
"T012167",
"T032672",
"T032673",
"T017562",
"T022954",
"T015471",
"T021621",
"T014381",
"2951",
"T002207",
"444803",
"T027843",
"T004181",
"T026238",
"306235",
"T033138",
"T015905",
"T033139",
"T033810",
"T015904",
"T032168",
"T015903",
"T032169",
"1048943",
"T033813",
"67646",
"T033811",
"T006712",
"T033658",
"T033812",
"700367",
"T034583",
"T036366",
"T032163",
"T033332",
"T032167",
"T032164",
"T032165",
"T033331",
"T039990",
"T020304",
"T025159",
"T035828",
"342008",
"T021398",
"T023373",
"T034437",
"T032256",
"T033620",
"T034518",
"T034439",
"T034438",
"T033140",
"410913",
"T032252",
"T032495",
"T000126",
"T040501",
"T040500",
"T007073",
"T022212",
"T033816",
"1727"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20921"
},
{
"cve": "CVE-2024-20922",
"product_status": {
"known_affected": [
"T005246",
"T033356",
"T010951",
"T035615",
"T034440",
"T032183",
"T004914",
"703851",
"T023629",
"703852",
"T034244",
"T034441",
"1139691",
"T020642",
"T032180",
"398363",
"T023630",
"T033508",
"T032115",
"T032116",
"T032114",
"T035705",
"434967",
"T032117",
"1039165",
"1522854",
"T034450",
"T012167",
"T032672",
"T032673",
"T017562",
"T022954",
"T015471",
"T021621",
"T014381",
"2951",
"T002207",
"444803",
"T027843",
"T004181",
"T026238",
"306235",
"T033138",
"T015905",
"T033139",
"T033810",
"T015904",
"T032168",
"T015903",
"T032169",
"1048943",
"T033813",
"67646",
"T033811",
"T006712",
"T033658",
"T033812",
"700367",
"T034583",
"T036366",
"T032163",
"T033332",
"T032167",
"T032164",
"T032165",
"T033331",
"T039990",
"T020304",
"T025159",
"T035828",
"342008",
"T021398",
"T023373",
"T034437",
"T032256",
"T033620",
"T034518",
"T034439",
"T034438",
"T033140",
"410913",
"T032252",
"T032495",
"T000126",
"T040501",
"T040500",
"T007073",
"T022212",
"T033816",
"1727"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20922"
},
{
"cve": "CVE-2024-20923",
"product_status": {
"known_affected": [
"T005246",
"T033356",
"T010951",
"T035615",
"T034440",
"T032183",
"T004914",
"703851",
"T023629",
"703852",
"T034244",
"T034441",
"1139691",
"T020642",
"T032180",
"398363",
"T023630",
"T033508",
"T032115",
"T032116",
"T032114",
"T035705",
"434967",
"T032117",
"1039165",
"1522854",
"T034450",
"T012167",
"T032672",
"T032673",
"T017562",
"T022954",
"T015471",
"T021621",
"T014381",
"2951",
"T002207",
"444803",
"T027843",
"T004181",
"T026238",
"306235",
"T033138",
"T015905",
"T033139",
"T033810",
"T015904",
"T032168",
"T015903",
"T032169",
"1048943",
"T033813",
"67646",
"T033811",
"T006712",
"T033658",
"T033812",
"700367",
"T034583",
"T036366",
"T032163",
"T033332",
"T032167",
"T032164",
"T032165",
"T033331",
"T039990",
"T020304",
"T025159",
"T035828",
"342008",
"T021398",
"T023373",
"T034437",
"T032256",
"T033620",
"T034518",
"T034439",
"T034438",
"T033140",
"410913",
"T032252",
"T032495",
"T000126",
"T040501",
"T040500",
"T007073",
"T022212",
"T033816",
"1727"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20923"
},
{
"cve": "CVE-2024-20925",
"product_status": {
"known_affected": [
"T005246",
"T033356",
"T010951",
"T035615",
"T034440",
"T032183",
"T004914",
"703851",
"T023629",
"703852",
"T034244",
"T034441",
"1139691",
"T020642",
"T032180",
"398363",
"T023630",
"T033508",
"T032115",
"T032116",
"T032114",
"T035705",
"434967",
"T032117",
"1039165",
"1522854",
"T034450",
"T012167",
"T032672",
"T032673",
"T017562",
"T022954",
"T015471",
"T021621",
"T014381",
"2951",
"T002207",
"444803",
"T027843",
"T004181",
"T026238",
"306235",
"T033138",
"T015905",
"T033139",
"T033810",
"T015904",
"T032168",
"T015903",
"T032169",
"1048943",
"T033813",
"67646",
"T033811",
"T006712",
"T033658",
"T033812",
"700367",
"T034583",
"T036366",
"T032163",
"T033332",
"T032167",
"T032164",
"T032165",
"T033331",
"T039990",
"T020304",
"T025159",
"T035828",
"342008",
"T021398",
"T023373",
"T034437",
"T032256",
"T033620",
"T034518",
"T034439",
"T034438",
"T033140",
"410913",
"T032252",
"T032495",
"T000126",
"T040501",
"T040500",
"T007073",
"T022212",
"T033816",
"1727"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20925"
},
{
"cve": "CVE-2024-20926",
"product_status": {
"known_affected": [
"T005246",
"T033356",
"T010951",
"T035615",
"T034440",
"T032183",
"T004914",
"703851",
"T023629",
"703852",
"T034244",
"T034441",
"1139691",
"T020642",
"T032180",
"398363",
"T023630",
"T033508",
"T032115",
"T032116",
"T032114",
"T035705",
"434967",
"T032117",
"1039165",
"1522854",
"T034450",
"T012167",
"T032672",
"T032673",
"T017562",
"T022954",
"T015471",
"T021621",
"T014381",
"2951",
"T002207",
"444803",
"T027843",
"T004181",
"T026238",
"306235",
"T033138",
"T015905",
"T033139",
"T033810",
"T015904",
"T032168",
"T015903",
"T032169",
"1048943",
"T033813",
"67646",
"T033811",
"T006712",
"T033658",
"T033812",
"700367",
"T034583",
"T036366",
"T032163",
"T033332",
"T032167",
"T032164",
"T032165",
"T033331",
"T039990",
"T020304",
"T025159",
"T035828",
"342008",
"T021398",
"T023373",
"T034437",
"T032256",
"T033620",
"T034518",
"T034439",
"T034438",
"T033140",
"410913",
"T032252",
"T032495",
"T000126",
"T040501",
"T040500",
"T007073",
"T022212",
"T033816",
"1727"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20926"
},
{
"cve": "CVE-2024-20932",
"product_status": {
"known_affected": [
"T005246",
"T033356",
"T010951",
"T035615",
"T034440",
"T032183",
"T004914",
"703851",
"T023629",
"703852",
"T034244",
"T034441",
"1139691",
"T020642",
"T032180",
"398363",
"T023630",
"T033508",
"T032115",
"T032116",
"T032114",
"T035705",
"434967",
"T032117",
"1039165",
"1522854",
"T034450",
"T012167",
"T032672",
"T032673",
"T017562",
"T022954",
"T015471",
"T021621",
"T014381",
"2951",
"T002207",
"444803",
"T027843",
"T004181",
"T026238",
"306235",
"T033138",
"T015905",
"T033139",
"T033810",
"T015904",
"T032168",
"T015903",
"T032169",
"1048943",
"T033813",
"67646",
"T033811",
"T006712",
"T033658",
"T033812",
"700367",
"T034583",
"T036366",
"T032163",
"T033332",
"T032167",
"T032164",
"T032165",
"T033331",
"T039990",
"T020304",
"T025159",
"T035828",
"342008",
"T021398",
"T023373",
"T034437",
"T032256",
"T033620",
"T034518",
"T034439",
"T034438",
"T033140",
"410913",
"T032252",
"T032495",
"T000126",
"T040501",
"T040500",
"T007073",
"T022212",
"T033816",
"1727"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20932"
},
{
"cve": "CVE-2024-20945",
"product_status": {
"known_affected": [
"T005246",
"T033356",
"T010951",
"T035615",
"T034440",
"T032183",
"T004914",
"703851",
"T023629",
"703852",
"T034244",
"T034441",
"1139691",
"T020642",
"T032180",
"398363",
"T023630",
"T033508",
"T032115",
"T032116",
"T032114",
"T035705",
"434967",
"T032117",
"1039165",
"1522854",
"T034450",
"T012167",
"T032672",
"T032673",
"T017562",
"T022954",
"T015471",
"T021621",
"T014381",
"2951",
"T002207",
"444803",
"T027843",
"T004181",
"T026238",
"306235",
"T033138",
"T015905",
"T033139",
"T033810",
"T015904",
"T032168",
"T015903",
"T032169",
"1048943",
"T033813",
"67646",
"T033811",
"T006712",
"T033658",
"T033812",
"700367",
"T034583",
"T036366",
"T032163",
"T033332",
"T032167",
"T032164",
"T032165",
"T033331",
"T039990",
"T020304",
"T025159",
"T035828",
"342008",
"T021398",
"T023373",
"T034437",
"T032256",
"T033620",
"T034518",
"T034439",
"T034438",
"T033140",
"410913",
"T032252",
"T032495",
"T000126",
"T040501",
"T040500",
"T007073",
"T022212",
"T033816",
"1727"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20945"
},
{
"cve": "CVE-2024-20952",
"product_status": {
"known_affected": [
"T005246",
"T033356",
"T010951",
"T035615",
"T034440",
"T032183",
"T004914",
"703851",
"T023629",
"703852",
"T034244",
"T034441",
"1139691",
"T020642",
"T032180",
"398363",
"T023630",
"T033508",
"T032115",
"T032116",
"T032114",
"T035705",
"434967",
"T032117",
"1039165",
"1522854",
"T034450",
"T012167",
"T032672",
"T032673",
"T017562",
"T022954",
"T015471",
"T021621",
"T014381",
"2951",
"T002207",
"444803",
"T027843",
"T004181",
"T026238",
"306235",
"T033138",
"T015905",
"T033139",
"T033810",
"T015904",
"T032168",
"T015903",
"T032169",
"1048943",
"T033813",
"67646",
"T033811",
"T006712",
"T033658",
"T033812",
"700367",
"T034583",
"T036366",
"T032163",
"T033332",
"T032167",
"T032164",
"T032165",
"T033331",
"T039990",
"T020304",
"T025159",
"T035828",
"342008",
"T021398",
"T023373",
"T034437",
"T032256",
"T033620",
"T034518",
"T034439",
"T034438",
"T033140",
"410913",
"T032252",
"T032495",
"T000126",
"T040501",
"T040500",
"T007073",
"T022212",
"T033816",
"1727"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20952"
},
{
"cve": "CVE-2024-20955",
"product_status": {
"known_affected": [
"T005246",
"T033356",
"T010951",
"T035615",
"T034440",
"T032183",
"T004914",
"703851",
"T023629",
"703852",
"T034244",
"T034441",
"1139691",
"T020642",
"T032180",
"398363",
"T023630",
"T033508",
"T032115",
"T032116",
"T032114",
"T035705",
"434967",
"T032117",
"1039165",
"1522854",
"T034450",
"T012167",
"T032672",
"T032673",
"T017562",
"T022954",
"T015471",
"T021621",
"T014381",
"2951",
"T002207",
"444803",
"T027843",
"T004181",
"T026238",
"306235",
"T033138",
"T015905",
"T033139",
"T033810",
"T015904",
"T032168",
"T015903",
"T032169",
"1048943",
"T033813",
"67646",
"T033811",
"T006712",
"T033658",
"T033812",
"700367",
"T034583",
"T036366",
"T032163",
"T033332",
"T032167",
"T032164",
"T032165",
"T033331",
"T039990",
"T020304",
"T025159",
"T035828",
"342008",
"T021398",
"T023373",
"T034437",
"T032256",
"T033620",
"T034518",
"T034439",
"T034438",
"T033140",
"410913",
"T032252",
"T032495",
"T000126",
"T040501",
"T040500",
"T007073",
"T022212",
"T033816",
"1727"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20955"
}
]
}
WID-SEC-W-2024-0123
Vulnerability from csaf_certbund - Published: 2024-01-16 23:00 - Updated: 2026-05-07 22:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Fusion Middleware b\u00fcndelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0123 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0123.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0123 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0123"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2024 - Appendix Oracle Fusion Middleware vom 2024-01-16",
"url": "https://www.oracle.com/security-alerts/cpujan2024.html#AppendixFMW"
},
{
"category": "external",
"summary": "Exploit auf GitHub vom 2025-09-14",
"url": "https://github.com/nullcult/CVE_2024_209321"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8220-1 vom 2026-05-07",
"url": "https://ubuntu.com/security/notices/USN-8220-1"
}
],
"source_lang": "en-US",
"title": "Oracle Fusion Middleware: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-07T22:00:00.000+00:00",
"generator": {
"date": "2026-05-08T10:10:59.780+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2024-0123",
"initial_release_date": "2024-01-16T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-01-16T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-09-14T22:00:00.000+00:00",
"number": "2",
"summary": "PoC aufgenommen"
},
{
"date": "2026-05-07T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "12.2.1.4.0",
"product": {
"name": "Oracle Fusion Middleware 12.2.1.4.0",
"product_id": "751674",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:12.2.1.4.0"
}
}
},
{
"category": "product_version",
"name": "14.1.1.0.0",
"product": {
"name": "Oracle Fusion Middleware 14.1.1.0.0",
"product_id": "829576",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:14.1.1.0.0"
}
}
},
{
"category": "product_version",
"name": "8.5.6",
"product": {
"name": "Oracle Fusion Middleware 8.5.6",
"product_id": "T024993",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:8.5.6"
}
}
}
],
"category": "product_name",
"name": "Fusion Middleware"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-5421",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2020-5421"
},
{
"cve": "CVE-2021-0341",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2021-0341"
},
{
"cve": "CVE-2021-33813",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2021-33813"
},
{
"cve": "CVE-2021-36090",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2021-36090"
},
{
"cve": "CVE-2021-37533",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2021-37533"
},
{
"cve": "CVE-2022-23221",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2022-23221"
},
{
"cve": "CVE-2022-44729",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2022-44729"
},
{
"cve": "CVE-2023-21949",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-21949"
},
{
"cve": "CVE-2023-2976",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-2976"
},
{
"cve": "CVE-2023-32697",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-32697"
},
{
"cve": "CVE-2023-33201",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-33201"
},
{
"cve": "CVE-2023-3635",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-3635"
},
{
"cve": "CVE-2023-3817",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-3817"
},
{
"cve": "CVE-2023-38545",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-38545"
},
{
"cve": "CVE-2023-39410",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-39410"
},
{
"cve": "CVE-2023-42503",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-42503"
},
{
"cve": "CVE-2023-43643",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-43643"
},
{
"cve": "CVE-2023-44483",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-44483"
},
{
"cve": "CVE-2023-44487",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-46604",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-46604"
},
{
"cve": "CVE-2023-49093",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-49093"
},
{
"cve": "CVE-2023-5072",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-5072"
},
{
"cve": "CVE-2024-20908",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20908"
},
{
"cve": "CVE-2024-20927",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20927"
},
{
"cve": "CVE-2024-20928",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20928"
},
{
"cve": "CVE-2024-20930",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20930"
},
{
"cve": "CVE-2024-20931",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20931"
},
{
"cve": "CVE-2024-20986",
"product_status": {
"known_affected": [
"T000126",
"T024993",
"751674",
"829576"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2024-20986"
}
]
}
WID-SEC-W-2024-0519
Vulnerability from csaf_certbund - Published: 2024-02-29 23:00 - Updated: 2024-02-29 23:00In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Netty", "Logback" und "Java on z/OS". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, einen Denial of Service Zustand herbeizuführen oder einen Cross-Site-Scripting-Angriff durchzuführen.
In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Netty", "Logback" und "Java on z/OS". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, einen Denial of Service Zustand herbeizuführen oder einen Cross-Site-Scripting-Angriff durchzuführen.
In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Netty", "Logback" und "Java on z/OS". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, einen Denial of Service Zustand herbeizuführen oder einen Cross-Site-Scripting-Angriff durchzuführen.
In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Netty", "Logback" und "Java on z/OS". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, einen Denial of Service Zustand herbeizuführen oder einen Cross-Site-Scripting-Angriff durchzuführen.
In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Netty", "Logback" und "Java on z/OS". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, einen Denial of Service Zustand herbeizuführen oder einen Cross-Site-Scripting-Angriff durchzuführen.
In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Netty", "Logback" und "Java on z/OS". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, einen Denial of Service Zustand herbeizuführen oder einen Cross-Site-Scripting-Angriff durchzuführen.
In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Netty", "Logback" und "Java on z/OS". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, einen Denial of Service Zustand herbeizuführen oder einen Cross-Site-Scripting-Angriff durchzuführen.
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Maximo Asset Management ist ein Enterprise-Asset-Management-System, das umfassenden Support f\u00fcr Assets, Maintenance, Ressourcen und Supply-Chain-Management-Anforderungen bietet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in IBM Maximo Asset Management ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0519 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0519.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0519 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0519"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7127403 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7127403"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7127436 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7127436"
}
],
"source_lang": "en-US",
"title": "IBM Maximo Asset Management: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-02-29T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:05:55.161+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-0519",
"initial_release_date": "2024-02-29T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-02-29T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 7.6.1.3",
"product": {
"name": "IBM Maximo Asset Management \u003c 7.6.1.3",
"product_id": "T033195"
}
}
],
"category": "product_name",
"name": "Maximo Asset Management"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-6481",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren."
}
],
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-6481"
},
{
"cve": "CVE-2023-6378",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren."
}
],
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-6378"
},
{
"cve": "CVE-2023-44487",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren."
}
],
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-34462",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren."
}
],
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-34462"
},
{
"cve": "CVE-2022-41915",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren."
}
],
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2022-41915"
},
{
"cve": "CVE-2022-41881",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren."
}
],
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2022-41881"
},
{
"cve": "CVE-2021-42550",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Schwachstellen. Diese bestehen in den Komponenten \"Netty\", \"Logback\" und \"Java on z/OS\". Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren."
}
],
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2021-42550"
}
]
}
WID-SEC-W-2024-0521
Vulnerability from csaf_certbund - Published: 2024-02-29 23:00 - Updated: 2024-12-15 23:00In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 | |
|
IBM MQ Operator v2.4.8
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.4.8
|
Operator v2.4.8 | |
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM MQ Operator v3.1.0 CD
IBM / MQ
|
cpe:/a:ibm:mq:operator_v3.1.0__cd
|
Operator v3.1.0 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM MQ Operator v2.0.19 LTS
IBM / MQ
|
cpe:/a:ibm:mq:operator_v2.0.19_lts
|
Operator v2.0.19 LTS | |
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in der Kernkomponente von MQ und sind auf Fehler im Bezug auf Buffer, Absicherung von Passwörtern und Open Redirects zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen oder Informationen offenzulegen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in der Kernkomponente von MQ und sind auf Fehler im Bezug auf Buffer, Absicherung von Passwörtern und Open Redirects zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen oder Informationen offenzulegen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in der Kernkomponente von MQ und sind auf Fehler im Bezug auf Buffer, Absicherung von Passwörtern und Open Redirects zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen oder Informationen offenzulegen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <=12.0.11.3
IBM / App Connect Enterprise
|
<=12.0.11.3 | ||
|
IBM DataPower Gateway <10.5.4
IBM / DataPower Gateway
|
<10.5.4 | ||
|
IBM MQ 9.3 CD
IBM / MQ
|
cpe:/a:ibm:mq:9.3_cd
|
9.3 CD | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
IBM DataPower Gateway <10.5.0.10
IBM / DataPower Gateway
|
<10.5.0.10 | ||
|
IBM MQ 9.1 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.1_lts
|
9.1 LTS | |
|
IBM App Connect Enterprise <=11.0.0.25
IBM / App Connect Enterprise
|
<=11.0.0.25 | ||
|
IBM DataPower Gateway <10.0.1.18
IBM / DataPower Gateway
|
<10.0.1.18 | ||
|
IBM QRadar SIEM <7.5.0 UP8
IBM / QRadar SIEM
|
<7.5.0 UP8 | ||
|
IBM DataPower Gateway <10.5.0.15
IBM / DataPower Gateway
|
<10.5.0.15 | ||
|
IBM MQ 9.2 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.2_lts
|
9.2 LTS | |
|
IBM Integration Bus <=10.1.0.3
IBM / Integration Bus
|
<=10.1.0.3 | ||
|
IBM DataPower Gateway <10.6.0.3
IBM / DataPower Gateway
|
<10.6.0.3 | ||
|
IBM MQ 9.0 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.0_lts
|
9.0 LTS | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM DataPower Gateway <10.6.2
IBM / DataPower Gateway
|
<10.6.2 | ||
|
IBM Storwize
IBM
|
cpe:/a:ibm:storwize:-
|
— | |
|
IBM Storage Scale
IBM
|
cpe:/a:ibm:spectrum_scale:-
|
— | |
|
IBM MQ 9.3 LTS
IBM / MQ
|
cpe:/a:ibm:mq:9.3_lts
|
9.3 LTS | |
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— | |
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM MQ ist eine Message Oriented Middleware von IBM.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM MQ ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0521 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0521.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0521 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0521"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7123135 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7123135"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7123136 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7123136"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7123137 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7123137"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7123138 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7123138"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7123139 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7123139"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7126571 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7126571"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7129251 vom 2024-03-01",
"url": "https://www.ibm.com/support/pages/node/7129251"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7137570 vom 2024-03-12",
"url": "https://www.ibm.com/support/pages/node/7137570"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7138007 vom 2024-03-12",
"url": "https://www.ibm.com/support/pages/node/7138007"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7145367 vom 2024-03-27",
"url": "https://www.ibm.com/support/pages/node/7145367"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7145780 vom 2024-04-03",
"url": "https://www.ibm.com/support/pages/node/7145780"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7146478 vom 2024-04-04",
"url": "https://www.ibm.com/support/pages/node/7146478"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7114770 vom 2024-05-01",
"url": "https://www.ibm.com/support/pages/node/7114770"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7150144 vom 2024-05-03",
"url": "https://www.ibm.com/support/pages/node/7150144"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7150158 vom 2024-05-03",
"url": "https://www.ibm.com/support/pages/node/7150158"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7162189 vom 2024-08-01",
"url": "https://www.ibm.com/support/pages/node/7162189"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7178670 vom 2024-12-13",
"url": "https://www.ibm.com/support/pages/node/7178670"
}
],
"source_lang": "en-US",
"title": "IBM MQ: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-12-15T23:00:00.000+00:00",
"generator": {
"date": "2024-12-16T09:17:31.864+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2024-0521",
"initial_release_date": "2024-02-29T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-02-29T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-03-03T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-03-04T23:00:00.000+00:00",
"number": "3",
"summary": "CVE-Zuordnung korrigiert"
},
{
"date": "2024-03-11T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-03-12T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-03-27T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-04-02T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
},
{
"date": "2024-04-04T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-01T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-02T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-05T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-08-01T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-12-15T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "13"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T032495",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=11.0.0.25",
"product": {
"name": "IBM App Connect Enterprise \u003c=11.0.0.25",
"product_id": "T033537"
}
},
{
"category": "product_version_range",
"name": "\u003c=11.0.0.25",
"product": {
"name": "IBM App Connect Enterprise \u003c=11.0.0.25",
"product_id": "T033537-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=12.0.11.3",
"product": {
"name": "IBM App Connect Enterprise \u003c=12.0.11.3",
"product_id": "T033842"
}
},
{
"category": "product_version_range",
"name": "\u003c=12.0.11.3",
"product": {
"name": "IBM App Connect Enterprise \u003c=12.0.11.3",
"product_id": "T033842-fixed"
}
}
],
"category": "product_name",
"name": "App Connect Enterprise"
},
{
"category": "product_name",
"name": "IBM Business Automation Workflow",
"product": {
"name": "IBM Business Automation Workflow",
"product_id": "T019704",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:-"
}
}
},
{
"category": "product_name",
"name": "IBM DB2",
"product": {
"name": "IBM DB2",
"product_id": "5104",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.5.4",
"product": {
"name": "IBM DataPower Gateway \u003c10.5.4",
"product_id": "T033810"
}
},
{
"category": "product_version",
"name": "10.5.4",
"product": {
"name": "IBM DataPower Gateway 10.5.4",
"product_id": "T033810-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.5.0.10",
"product": {
"name": "IBM DataPower Gateway \u003c10.5.0.10",
"product_id": "T033811"
}
},
{
"category": "product_version",
"name": "10.5.0.10",
"product": {
"name": "IBM DataPower Gateway 10.5.0.10",
"product_id": "T033811-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.1.18",
"product": {
"name": "IBM DataPower Gateway \u003c10.0.1.18",
"product_id": "T033812"
}
},
{
"category": "product_version",
"name": "10.0.1.18",
"product": {
"name": "IBM DataPower Gateway 10.0.1.18",
"product_id": "T033812-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.0.1.18"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.6.2",
"product": {
"name": "IBM DataPower Gateway \u003c10.6.2",
"product_id": "T039840"
}
},
{
"category": "product_version",
"name": "10.6.2",
"product": {
"name": "IBM DataPower Gateway 10.6.2",
"product_id": "T039840-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.6.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.6.0.3",
"product": {
"name": "IBM DataPower Gateway \u003c10.6.0.3",
"product_id": "T039841"
}
},
{
"category": "product_version",
"name": "10.6.0.3",
"product": {
"name": "IBM DataPower Gateway 10.6.0.3",
"product_id": "T039841-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.6.0.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.5.0.15",
"product": {
"name": "IBM DataPower Gateway \u003c10.5.0.15",
"product_id": "T039842"
}
},
{
"category": "product_version",
"name": "10.5.0.15",
"product": {
"name": "IBM DataPower Gateway 10.5.0.15",
"product_id": "T039842-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.15"
}
}
}
],
"category": "product_name",
"name": "DataPower Gateway"
},
{
"category": "product_name",
"name": "IBM FlashSystem",
"product": {
"name": "IBM FlashSystem",
"product_id": "T025159",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:flashsystem:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=10.1.0.3",
"product": {
"name": "IBM Integration Bus \u003c=10.1.0.3",
"product_id": "T033332"
}
},
{
"category": "product_version_range",
"name": "\u003c=10.1.0.3",
"product": {
"name": "IBM Integration Bus \u003c=10.1.0.3",
"product_id": "T033332-fixed"
}
}
],
"category": "product_name",
"name": "Integration Bus"
},
{
"branches": [
{
"category": "product_version",
"name": "9.1 LTS",
"product": {
"name": "IBM MQ 9.1 LTS",
"product_id": "T015789",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.1_lts"
}
}
},
{
"category": "product_version",
"name": "9.0 LTS",
"product": {
"name": "IBM MQ 9.0 LTS",
"product_id": "T015792",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.0_lts"
}
}
},
{
"category": "product_version",
"name": "9.2 LTS",
"product": {
"name": "IBM MQ 9.2 LTS",
"product_id": "T018186",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.2_lts"
}
}
},
{
"category": "product_version",
"name": "9.3 LTS",
"product": {
"name": "IBM MQ 9.3 LTS",
"product_id": "T024689",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.3_lts"
}
}
},
{
"category": "product_version",
"name": "9.3 CD",
"product": {
"name": "IBM MQ 9.3 CD",
"product_id": "T024690",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.3_cd"
}
}
},
{
"category": "product_version",
"name": "Operator v3.1.0 CD",
"product": {
"name": "IBM MQ Operator v3.1.0 CD",
"product_id": "T033202",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:operator_v3.1.0__cd"
}
}
},
{
"category": "product_version",
"name": "Operator v2.0.19 LTS",
"product": {
"name": "IBM MQ Operator v2.0.19 LTS",
"product_id": "T033203",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:operator_v2.0.19_lts"
}
}
},
{
"category": "product_version",
"name": "Operator v2.4.8",
"product": {
"name": "IBM MQ Operator v2.4.8",
"product_id": "T033204",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:operator_v2.4.8"
}
}
}
],
"category": "product_name",
"name": "MQ"
},
{
"branches": [
{
"category": "product_version",
"name": "V10",
"product": {
"name": "IBM Power Hardware Management Console V10",
"product_id": "T023373",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:v10"
}
}
}
],
"category": "product_name",
"name": "Power Hardware Management Console"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP8",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP8",
"product_id": "T033681"
}
},
{
"category": "product_version",
"name": "7.5.0 UP8",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP8",
"product_id": "T033681-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up8"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
},
{
"category": "product_name",
"name": "IBM SAN Volume Controller",
"product": {
"name": "IBM SAN Volume Controller",
"product_id": "T002782",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:san_volume_controller:-"
}
}
},
{
"category": "product_name",
"name": "IBM Storage Scale",
"product": {
"name": "IBM Storage Scale",
"product_id": "T019402",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_scale:-"
}
}
},
{
"category": "product_name",
"name": "IBM Storwize",
"product": {
"name": "IBM Storwize",
"product_id": "T021621",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:storwize:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2001-1550",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2001-1550"
},
{
"cve": "CVE-2002-1711",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2002-1711"
},
{
"cve": "CVE-2002-1713",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2002-1713"
},
{
"cve": "CVE-2005-1941",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2005-1941"
},
{
"cve": "CVE-2020-28241",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2020-28241"
},
{
"cve": "CVE-2022-48468",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2022-48468"
},
{
"cve": "CVE-2023-22081",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-22081"
},
{
"cve": "CVE-2023-39615",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-39615"
},
{
"cve": "CVE-2023-39976",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-39976"
},
{
"cve": "CVE-2023-4218",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-4218"
},
{
"cve": "CVE-2023-44487",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-45287",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-45287"
},
{
"cve": "CVE-2023-49568",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-49568"
},
{
"cve": "CVE-2023-5072",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-5072"
},
{
"cve": "CVE-2023-5676",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-5676"
},
{
"cve": "CVE-2023-7104",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-7104"
},
{
"cve": "CVE-2024-0553",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2024-0553"
},
{
"cve": "CVE-2024-27255",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2024-27255"
},
{
"cve": "CVE-2023-26159",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in der Kernkomponente von MQ und sind auf Fehler im Bezug auf Buffer, Absicherung von Passw\u00f6rtern und Open Redirects zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T033842",
"T033810",
"T024690",
"T002782",
"T033811",
"T015789",
"T033537",
"T033812",
"T033681",
"T039842",
"T018186",
"T033332",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T024689",
"T019704",
"5104",
"T025159",
"T023373"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-26159"
},
{
"cve": "CVE-2023-47745",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in der Kernkomponente von MQ und sind auf Fehler im Bezug auf Buffer, Absicherung von Passw\u00f6rtern und Open Redirects zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T033842",
"T033810",
"T024690",
"T002782",
"T033811",
"T015789",
"T033537",
"T033812",
"T033681",
"T039842",
"T018186",
"T033332",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T024689",
"T019704",
"5104",
"T025159",
"T023373"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-47745"
},
{
"cve": "CVE-2024-25016",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in der Kernkomponente von MQ und sind auf Fehler im Bezug auf Buffer, Absicherung von Passw\u00f6rtern und Open Redirects zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T033842",
"T033810",
"T024690",
"T002782",
"T033811",
"T015789",
"T033537",
"T033812",
"T033681",
"T039842",
"T018186",
"T033332",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T024689",
"T019704",
"5104",
"T025159",
"T023373"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2024-25016"
}
]
}
WID-SEC-W-2024-0597
Vulnerability from csaf_certbund - Published: 2024-03-11 23:00 - Updated: 2024-03-11 23:00Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzulässigen Authentifizierung, einer unzulässigen Zugriffskontrolle oder einer fehlenden Berechtigungsprüfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuführen. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzulässigen Authentifizierung, einer unzulässigen Zugriffskontrolle oder einer fehlenden Berechtigungsprüfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuführen. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzulässigen Authentifizierung, einer unzulässigen Zugriffskontrolle oder einer fehlenden Berechtigungsprüfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuführen. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzulässigen Authentifizierung, einer unzulässigen Zugriffskontrolle oder einer fehlenden Berechtigungsprüfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuführen. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzulässigen Authentifizierung, einer unzulässigen Zugriffskontrolle oder einer fehlenden Berechtigungsprüfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuführen. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzulässigen Authentifizierung, einer unzulässigen Zugriffskontrolle oder einer fehlenden Berechtigungsprüfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuführen. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzulässigen Authentifizierung, einer unzulässigen Zugriffskontrolle oder einer fehlenden Berechtigungsprüfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuführen. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzulässigen Authentifizierung, einer unzulässigen Zugriffskontrolle oder einer fehlenden Berechtigungsprüfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuführen. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzulässigen Authentifizierung, einer unzulässigen Zugriffskontrolle oder einer fehlenden Berechtigungsprüfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuführen. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzulässigen Authentifizierung, einer unzulässigen Zugriffskontrolle oder einer fehlenden Berechtigungsprüfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuführen. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzulässigen Authentifizierung, einer unzulässigen Zugriffskontrolle oder einer fehlenden Berechtigungsprüfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuführen. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SAP Software
SAP
|
cpe:/a:sap:sap:-
|
— |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "SAP stellt unternehmensweite L\u00f6sungen f\u00fcr Gesch\u00e4ftsprozesse wie Buchf\u00fchrung, Vertrieb, Einkauf und Lagerhaltung zur Verf\u00fcgung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in der SAP-Software ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen oder Cross-Site-Scripting (XSS)-Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0597 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0597.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0597 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0597"
},
{
"category": "external",
"summary": "SAP Security Patch Day vom 2024-03-11",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/march-2024.html"
}
],
"source_lang": "en-US",
"title": "SAP Security Patch Day \u2013 M\u00e4rz 2024",
"tracking": {
"current_release_date": "2024-03-11T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:06:19.294+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-0597",
"initial_release_date": "2024-03-11T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-03-11T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "SAP Software",
"product": {
"name": "SAP Software",
"product_id": "T033370",
"product_identification_helper": {
"cpe": "cpe:/a:sap:sap:-"
}
}
}
],
"category": "vendor",
"name": "SAP"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28163",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzul\u00e4ssigen Authentifizierung, einer unzul\u00e4ssigen Zugriffskontrolle oder einer fehlenden Berechtigungspr\u00fcfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T033370"
]
},
"release_date": "2024-03-11T23:00:00.000+00:00",
"title": "CVE-2024-28163"
},
{
"cve": "CVE-2024-27902",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzul\u00e4ssigen Authentifizierung, einer unzul\u00e4ssigen Zugriffskontrolle oder einer fehlenden Berechtigungspr\u00fcfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T033370"
]
},
"release_date": "2024-03-11T23:00:00.000+00:00",
"title": "CVE-2024-27902"
},
{
"cve": "CVE-2024-27900",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzul\u00e4ssigen Authentifizierung, einer unzul\u00e4ssigen Zugriffskontrolle oder einer fehlenden Berechtigungspr\u00fcfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T033370"
]
},
"release_date": "2024-03-11T23:00:00.000+00:00",
"title": "CVE-2024-27900"
},
{
"cve": "CVE-2024-25645",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzul\u00e4ssigen Authentifizierung, einer unzul\u00e4ssigen Zugriffskontrolle oder einer fehlenden Berechtigungspr\u00fcfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T033370"
]
},
"release_date": "2024-03-11T23:00:00.000+00:00",
"title": "CVE-2024-25645"
},
{
"cve": "CVE-2024-25644",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzul\u00e4ssigen Authentifizierung, einer unzul\u00e4ssigen Zugriffskontrolle oder einer fehlenden Berechtigungspr\u00fcfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T033370"
]
},
"release_date": "2024-03-11T23:00:00.000+00:00",
"title": "CVE-2024-25644"
},
{
"cve": "CVE-2024-22133",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzul\u00e4ssigen Authentifizierung, einer unzul\u00e4ssigen Zugriffskontrolle oder einer fehlenden Berechtigungspr\u00fcfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T033370"
]
},
"release_date": "2024-03-11T23:00:00.000+00:00",
"title": "CVE-2024-22133"
},
{
"cve": "CVE-2024-22127",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzul\u00e4ssigen Authentifizierung, einer unzul\u00e4ssigen Zugriffskontrolle oder einer fehlenden Berechtigungspr\u00fcfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T033370"
]
},
"release_date": "2024-03-11T23:00:00.000+00:00",
"title": "CVE-2024-22127"
},
{
"cve": "CVE-2023-50164",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzul\u00e4ssigen Authentifizierung, einer unzul\u00e4ssigen Zugriffskontrolle oder einer fehlenden Berechtigungspr\u00fcfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T033370"
]
},
"release_date": "2024-03-11T23:00:00.000+00:00",
"title": "CVE-2023-50164"
},
{
"cve": "CVE-2023-44487",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzul\u00e4ssigen Authentifizierung, einer unzul\u00e4ssigen Zugriffskontrolle oder einer fehlenden Berechtigungspr\u00fcfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T033370"
]
},
"release_date": "2024-03-11T23:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-39439",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzul\u00e4ssigen Authentifizierung, einer unzul\u00e4ssigen Zugriffskontrolle oder einer fehlenden Berechtigungspr\u00fcfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T033370"
]
},
"release_date": "2024-03-11T23:00:00.000+00:00",
"title": "CVE-2023-39439"
},
{
"cve": "CVE-2019-10744",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in den Plugins und Komponenten, SAP Business Client, SAP Build Apps, SAP NetWeaver, SAP Commerce Cloud, SAP HANA XS Classic und HANA XS Advanced, SAP BusinessObjects Business Intelligence Platform, SAP Fiori Front End Server und SAP ABAP Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer unzul\u00e4ssigen Authentifizierung, einer unzul\u00e4ssigen Zugriffskontrolle oder einer fehlenden Berechtigungspr\u00fcfung. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen oder einen Cross-Site-Scripting (XSS)-Angriff durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Anmeldung oder Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T033370"
]
},
"release_date": "2024-03-11T23:00:00.000+00:00",
"title": "CVE-2019-10744"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.