Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-48795 (GCVE-0-2023-48795)
Vulnerability from cvelistv5 – Published: 2023-12-18 00:00 – Updated: 2026-05-12 11:02
VLAI
EPSS
Summary
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
Severity
5.9 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-354 - Improper Validation of Integrity Check Value
Assigner
References
139 references
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | RUGGEDCOM APE1808 |
Affected:
0 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T22:05:21.417Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit"
},
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://matt.ucc.asn.au/dropbear/CHANGES"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.netsarang.com/en/xshell-update-history/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.paramiko.org/changelog.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openssh.com/openbsd.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/openssh/openssh-portable/commits/master"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bitvise.com/ssh-server-version-history"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ronf/asyncssh/tags"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.com/libssh/libssh-mirror/-/tags"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openssh.com/txt/release-9.6"
},
{
"tags": [
"x_transferred"
],
"url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.terrapin-attack.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst"
},
{
"tags": [
"x_transferred"
],
"url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/warp-tech/russh/releases/tag/v0.40.2"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/18/2"
},
{
"tags": [
"x_transferred"
],
"url": "https://twitter.com/TrueSkrillor/status/1736774389725565005"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/paramiko/paramiko/issues/2337"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=38684904"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=38685286"
},
{
"name": "[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/18/3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mwiede/jsch/issues/457"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/erlang/otp/releases/tag/OTP-26.2.1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-45x7-px36-x8w8"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/source-package/libssh2"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2023-48795"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1217950"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugs.gentoo.org/920280"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2023-48795"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2023-48795"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mwiede/jsch/pull/461"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libssh2/libssh2/pull/1291"
},
{
"tags": [
"x_transferred"
],
"url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rapier1/hpn-ssh/releases"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/proftpd/proftpd/issues/456"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15"
},
{
"tags": [
"x_transferred"
],
"url": "https://oryx-embedded.com/download/#changelog"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3"
},
{
"tags": [
"x_transferred"
],
"url": "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC"
},
{
"tags": [
"x_transferred"
],
"url": "https://crates.io/crates/thrussh/versions"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/NixOS/nixpkgs/pull/275249"
},
{
"name": "[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/19/5"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/"
},
{
"name": "[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/20/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/mina-sshd/issues/445"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hierynomus/sshj/issues/916"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/janmojzis/tinyssh/issues/81"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/20/3"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16"
},
{
"name": "FEDORA-2023-0733306be9",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/"
},
{
"name": "DSA-5586",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5586"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh"
},
{
"tags": [
"x_transferred"
],
"url": "https://filezilla-project.org/versions.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://nova.app/releases/#v11.8"
},
{
"tags": [
"x_transferred"
],
"url": "https://roumenpetrov.info/secsh/#news20231220"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.vandyke.com/products/securecrt/history.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://help.panic.com/releasenotes/transmit5/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189"
},
{
"tags": [
"x_transferred"
],
"url": "https://winscp.net/eng/docs/history#6.2.2"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bitvise.com/ssh-client-version-history#933"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/cyd01/KiTTY/issues/520"
},
{
"name": "DSA-5588",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5588"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ssh-mitm/ssh-mitm/issues/165"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=38732005"
},
{
"name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
},
{
"name": "GLSA-202312-16",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202312-16"
},
{
"name": "GLSA-202312-17",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202312-17"
},
{
"name": "FEDORA-2023-20feb865d8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/"
},
{
"name": "FEDORA-2023-cb8c606fbb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/"
},
{
"name": "FEDORA-2023-e77300e4b5",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/"
},
{
"name": "FEDORA-2023-b87ec6cf47",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/"
},
{
"name": "FEDORA-2023-153404713b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240105-0004/"
},
{
"name": "FEDORA-2024-3bb23c77f3",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/"
},
{
"name": "FEDORA-2023-55800423a8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"
},
{
"name": "FEDORA-2024-d946b9ad25",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/"
},
{
"name": "FEDORA-2024-71c2c6526c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/"
},
{
"name": "FEDORA-2024-39a8c72ea9",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/"
},
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002"
},
{
"name": "FEDORA-2024-ae653fb07b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
},
{
"name": "FEDORA-2024-2705241461",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/"
},
{
"name": "FEDORA-2024-fb32950d11",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
},
{
"name": "FEDORA-2024-7b08207cdb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/"
},
{
"name": "FEDORA-2024-06ebb70bdd",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/"
},
{
"name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html"
},
{
"name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html"
},
{
"name": "FEDORA-2024-a53b24023d",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/"
},
{
"name": "FEDORA-2024-3fd1bc9276",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214084"
},
{
"name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Mar/21"
},
{
"name": "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html"
},
{
"name": "[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/17/8"
},
{
"name": "[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/06/3"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-48795",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-22T05:01:05.519910Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-354",
"description": "CWE-354 Improper Validation of Integrity Check Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T20:45:57.733Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM APE1808",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T11:02:25.905Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-794697.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-364175.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-915275.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-769027.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:06:23.972Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
},
{
"url": "https://matt.ucc.asn.au/dropbear/CHANGES"
},
{
"url": "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES"
},
{
"url": "https://www.netsarang.com/en/xshell-update-history/"
},
{
"url": "https://www.paramiko.org/changelog.html"
},
{
"url": "https://www.openssh.com/openbsd.html"
},
{
"url": "https://github.com/openssh/openssh-portable/commits/master"
},
{
"url": "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ"
},
{
"url": "https://www.bitvise.com/ssh-server-version-history"
},
{
"url": "https://github.com/ronf/asyncssh/tags"
},
{
"url": "https://gitlab.com/libssh/libssh-mirror/-/tags"
},
{
"url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/"
},
{
"url": "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42"
},
{
"url": "https://www.openssh.com/txt/release-9.6"
},
{
"url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/"
},
{
"url": "https://www.terrapin-attack.com"
},
{
"url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25"
},
{
"url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst"
},
{
"url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway/"
},
{
"url": "https://github.com/warp-tech/russh/releases/tag/v0.40.2"
},
{
"url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/12/18/2"
},
{
"url": "https://twitter.com/TrueSkrillor/status/1736774389725565005"
},
{
"url": "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"
},
{
"url": "https://github.com/paramiko/paramiko/issues/2337"
},
{
"url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg"
},
{
"url": "https://news.ycombinator.com/item?id=38684904"
},
{
"url": "https://news.ycombinator.com/item?id=38685286"
},
{
"name": "[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/18/3"
},
{
"url": "https://github.com/mwiede/jsch/issues/457"
},
{
"url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6"
},
{
"url": "https://github.com/erlang/otp/releases/tag/OTP-26.2.1"
},
{
"url": "https://github.com/advisories/GHSA-45x7-px36-x8w8"
},
{
"url": "https://security-tracker.debian.org/tracker/source-package/libssh2"
},
{
"url": "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2023-48795"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1217950"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"url": "https://bugs.gentoo.org/920280"
},
{
"url": "https://ubuntu.com/security/CVE-2023-48795"
},
{
"url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/"
},
{
"url": "https://access.redhat.com/security/cve/cve-2023-48795"
},
{
"url": "https://github.com/mwiede/jsch/pull/461"
},
{
"url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6"
},
{
"url": "https://github.com/libssh2/libssh2/pull/1291"
},
{
"url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack"
},
{
"url": "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5"
},
{
"url": "https://github.com/rapier1/hpn-ssh/releases"
},
{
"url": "https://github.com/proftpd/proftpd/issues/456"
},
{
"url": "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1"
},
{
"url": "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15"
},
{
"url": "https://oryx-embedded.com/download/#changelog"
},
{
"url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update"
},
{
"url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22"
},
{
"url": "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab"
},
{
"url": "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3"
},
{
"url": "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC"
},
{
"url": "https://crates.io/crates/thrussh/versions"
},
{
"url": "https://github.com/NixOS/nixpkgs/pull/275249"
},
{
"name": "[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/19/5"
},
{
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc"
},
{
"url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/"
},
{
"name": "[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/20/3"
},
{
"url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html"
},
{
"url": "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES"
},
{
"url": "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES"
},
{
"url": "https://github.com/apache/mina-sshd/issues/445"
},
{
"url": "https://github.com/hierynomus/sshj/issues/916"
},
{
"url": "https://github.com/janmojzis/tinyssh/issues/81"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/12/20/3"
},
{
"url": "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2"
},
{
"url": "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16"
},
{
"name": "FEDORA-2023-0733306be9",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/"
},
{
"name": "DSA-5586",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5586"
},
{
"url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508"
},
{
"url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh"
},
{
"url": "https://filezilla-project.org/versions.php"
},
{
"url": "https://nova.app/releases/#v11.8"
},
{
"url": "https://roumenpetrov.info/secsh/#news20231220"
},
{
"url": "https://www.vandyke.com/products/securecrt/history.txt"
},
{
"url": "https://help.panic.com/releasenotes/transmit5/"
},
{
"url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta"
},
{
"url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189"
},
{
"url": "https://winscp.net/eng/docs/history#6.2.2"
},
{
"url": "https://www.bitvise.com/ssh-client-version-history#933"
},
{
"url": "https://github.com/cyd01/KiTTY/issues/520"
},
{
"name": "DSA-5588",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5588"
},
{
"url": "https://github.com/ssh-mitm/ssh-mitm/issues/165"
},
{
"url": "https://news.ycombinator.com/item?id=38732005"
},
{
"name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
},
{
"name": "GLSA-202312-16",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202312-16"
},
{
"name": "GLSA-202312-17",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202312-17"
},
{
"name": "FEDORA-2023-20feb865d8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/"
},
{
"name": "FEDORA-2023-cb8c606fbb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/"
},
{
"name": "FEDORA-2023-e77300e4b5",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/"
},
{
"name": "FEDORA-2023-b87ec6cf47",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/"
},
{
"name": "FEDORA-2023-153404713b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240105-0004/"
},
{
"name": "FEDORA-2024-3bb23c77f3",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/"
},
{
"name": "FEDORA-2023-55800423a8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"
},
{
"name": "FEDORA-2024-d946b9ad25",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/"
},
{
"name": "FEDORA-2024-71c2c6526c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/"
},
{
"name": "FEDORA-2024-39a8c72ea9",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/"
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002"
},
{
"name": "FEDORA-2024-ae653fb07b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
},
{
"name": "FEDORA-2024-2705241461",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/"
},
{
"name": "FEDORA-2024-fb32950d11",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
},
{
"name": "FEDORA-2024-7b08207cdb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/"
},
{
"name": "FEDORA-2024-06ebb70bdd",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/"
},
{
"name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html"
},
{
"name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html"
},
{
"name": "FEDORA-2024-a53b24023d",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/"
},
{
"name": "FEDORA-2024-3fd1bc9276",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/"
},
{
"url": "https://support.apple.com/kb/HT214084"
},
{
"name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2024/Mar/21"
},
{
"name": "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html"
},
{
"name": "[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/17/8"
},
{
"name": "[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/06/3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-48795",
"datePublished": "2023-12-18T00:00:00.000Z",
"dateReserved": "2023-11-20T00:00:00.000Z",
"dateUpdated": "2026-05-12T11:02:25.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-48795",
"date": "2026-06-05",
"epss": "0.54214",
"percentile": "0.98065"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-48795\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-12-18T16:15:10.897\",\"lastModified\":\"2026-05-12T11:16:15.010\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.\"},{\"lang\":\"es\",\"value\":\"El protocolo de transporte SSH con ciertas extensiones OpenSSH, que se encuentra en OpenSSH anterior a 9.6 y otros productos, permite a atacantes remotos eludir las comprobaciones de integridad de modo que algunos paquetes se omiten (del mensaje de negociaci\u00f3n de extensi\u00f3n) y, en consecuencia, un cliente y un servidor pueden terminar con una conexi\u00f3n para la cual algunas caracter\u00edsticas de seguridad han sido degradadas o deshabilitadas, tambi\u00e9n conocido como un ataque Terrapin. Esto ocurre porque SSH Binary Packet Protocol (BPP), implementado por estas extensiones, maneja mal la fase de protocolo de enlace y el uso de n\u00fameros de secuencia. Por ejemplo, existe un ataque eficaz contra ChaCha20-Poly1305 (y CBC con Encrypt-then-MAC). La omisi\u00f3n se produce en chacha20-poly1305@openssh.com y (si se utiliza CBC) en los algoritmos MAC -etm@openssh.com. Esto tambi\u00e9n afecta a Maverick Synergy Java SSH API anterior a 3.1.0-SNAPSHOT, Dropbear hasta 2022.83, Ssh anterior a 5.1.1 en Erlang/OTP, PuTTY anterior a 0.80 y AsyncSSH anterior a 2.14.2; y podr\u00eda haber efectos en Bitvise SSH hasta la versi\u00f3n 9.31, libssh hasta la 0.10.5 y golang.org/x/crypto hasta el 17 de diciembre de 2023.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-354\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-354\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.6\",\"matchCriteriaId\":\"5308FBBB-F738-41C5-97A4-E40118E957CD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.80\",\"matchCriteriaId\":\"A9D807DB-9E20-4792-8A9F-4BFFC841BAB7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:filezilla-project:filezilla_client:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.66.4\",\"matchCriteriaId\":\"42915485-A4DA-48DD-9C15-415D2D39DC52\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"387021A0-AF36-463C-A605-32EA7DAC172E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:panic:transmit_5:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.10.4\",\"matchCriteriaId\":\"31FFE0AA-FC25-40DE-8EE9-7F4C80ABDE4F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"387021A0-AF36-463C-A605-32EA7DAC172E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:panic:nova:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.8\",\"matchCriteriaId\":\"F2FCF7EF-97D7-44CF-AC74-72D856901755\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:roumenpetrov:pkixssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"14.4\",\"matchCriteriaId\":\"53CAD263-1C60-43BD-86A2-C8DB15FFB4C6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.2.2\",\"matchCriteriaId\":\"8FA57F20-C9C1-40A7-B2CD-F3440CCF1D66\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bitvise:ssh_client:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.33\",\"matchCriteriaId\":\"6209E375-10C7-4E65-A2E7-455A686717AC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bitvise:ssh_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.32\",\"matchCriteriaId\":\"1A05CC3C-19C5-4BAA-ABA2-EE1795E0BE81\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lcos:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.66.4\",\"matchCriteriaId\":\"3A71B523-0778-46C6-A38B-64452E0BB6E7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lcos_fx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1C91308-15E5-40AF-B4D5-3CAD7BC65DDF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lcos_lx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"418940E3-6DD1-4AA6-846A-03E059D0C681\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lcos_sx:4.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"411BA58A-33B6-44CA-B9D6-7F9042D46961\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lcos_sx:5.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA17A153-30E4-4731-8706-8F74FCA50993\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lanconfig:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB736F57-9BE3-4457-A10E-FA88D0932154\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vandyke:securecrt:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.4.3\",\"matchCriteriaId\":\"6EB8D02D-87F3-414D-A3EA-43F594DAAC1B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.10.6\",\"matchCriteriaId\":\"AAB481DA-FBFE-4CC2-9AE7-22025FA07494\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-ssh:net-ssh:7.2.0:*:*:*:*:ruby:*:*\",\"matchCriteriaId\":\"3D6FD459-F8E8-4126-8097-D30B4639404A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh2_project:ssh2:*:*:*:*:*:node.js:*:*\",\"versionEndIncluding\":\"1.11.0\",\"matchCriteriaId\":\"69510F52-C699-4E7D-87EF-7000682888F0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.3.8b\",\"matchCriteriaId\":\"9461430B-3709-45B6-8858-2101F5AE4481\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.4\",\"matchCriteriaId\":\"B9A01DF3-E20E-4F29-B5CF-DDF717D01E74\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:crates:thrussh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.35.1\",\"matchCriteriaId\":\"D25EB73D-6145-4B7D-8F14-80FD0B458E99\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tera_term_project:tera_term:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.1\",\"matchCriteriaId\":\"77594DEC-B5F7-4911-A13D-FFE91C74BAFA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oryx-embedded:cyclone_ssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.3.4\",\"matchCriteriaId\":\"F8FF7E74-2351-4CD9-B717-FA28893293A1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.6.0\",\"matchCriteriaId\":\"82A93C12-FEB6-4E82-B283-0ED7820D807E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netsarang:xshell_7:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"build__0144\",\"matchCriteriaId\":\"B480AE79-2FA1-4281-9F0D-0DE812B9354D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.4.0\",\"matchCriteriaId\":\"826B6323-06F8-4B96-8771-3FA15A727B08\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932D137F-528B-4526-9A89-CD59FA1AB0FE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCC81071-B46D-4F5D-AC25-B4A4CCC20C73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E315FC5C-FF19-43C9-A58A-CF2A5FF13824\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ceph_storage:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA7EAD12-E398-44AF-9859-F3CA6C63BA6B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77675CB7-67D7-44E9-B7FF-D224B3341AA5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0AAA300-691A-4957-8B69-F6888CC971B1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45937289-2D64-47CB-A750-5B4F0D4664A0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97321212-0E07-4CC2-A917-7B5F61AB9A5A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_data_foundation:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E2C021C-A9F0-4EB4-ADED-81D8B57B4563\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BF8EFFB-5686-4F28-A68F-1A8854E098CE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C877879-B84B-471C-80CF-0656521CA8AB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"379A5883-F6DF-41F5-9403-8D17F6605737\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:discovery:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5B1D946-5978-4818-BF21-A43D9C1365E1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D5A7736-A403-4617-8790-18E46CB74DA6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E0DE4E1-5D8D-40F3-8AC8-C7F736966158\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88BF3B2C-B121-483A-AEF2-8082F6DA5310\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0FD736A-8730-446A-BA3A-7B608DB62B0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4C504B6-3902-46E2-82B7-48AEC9CDD48D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:crypto:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.17.0\",\"matchCriteriaId\":\"F92E56DF-98DF-4328-B37E-4D5744E4103D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:russh_project:russh:*:*:*:*:*:rust:*:*\",\"versionEndExcluding\":\"0.40.2\",\"matchCriteriaId\":\"AC12508E-3C31-44EA-B4F3-29316BE9B189\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sftpgo_project:sftpgo:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.5.6\",\"matchCriteriaId\":\"1750028C-698D-4E84-B727-8A155A46ADEB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.3.4.27\",\"matchCriteriaId\":\"B38C0997-A8CC-473C-98CF-641FD21EB411\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"23.0\",\"versionEndExcluding\":\"23.3.4.20\",\"matchCriteriaId\":\"5887F3E2-9214-4FAE-8768-441D770E27C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"24.0\",\"versionEndExcluding\":\"24.3.4.15\",\"matchCriteriaId\":\"8D7CB988-94C4-45BE-AD9D-9C16899A71DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"25.0\",\"versionEndExcluding\":\"25.3.2.8\",\"matchCriteriaId\":\"EB749F4B-99FC-4AE8-BDB3-85B081B52F82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"26.0\",\"versionEndExcluding\":\"26.2.1\",\"matchCriteriaId\":\"2380909A-BA9B-4A76-82F2-D2D0EF242E57\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:matez:jsch:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.2.15\",\"matchCriteriaId\":\"61119DB3-4336-4D3B-863A-0CCF4146E5C1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.11.1\",\"matchCriteriaId\":\"7BFDD272-3DF0-4E3F-B69A-E7ABF4B18B24\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asyncssh_project:asyncssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.14.2\",\"matchCriteriaId\":\"FAE46983-0ABC-49F7-AC18-A78FAC7E73AA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2022.83\",\"matchCriteriaId\":\"06BF3368-F232-4E6B-883E-A591EED5C827\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jadaptive:maverick_synergy_java_ssh_api:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.1.0-snapshot\",\"matchCriteriaId\":\"36531FB6-5682-4BF1-9785-E9D6D1C4207B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.9.1.5\",\"matchCriteriaId\":\"A86A51EA-B501-42F8-91E6-4EA97DED767C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.11.1.7\",\"matchCriteriaId\":\"70989970-E224-4D1C-941E-BBFB2AE7285C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.12\",\"versionEndExcluding\":\"4.13.2.4\",\"matchCriteriaId\":\"E7819CE3-2849-4D15-874B-F6A68EF6D65F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.14\",\"versionEndExcluding\":\"4.15.3.1\",\"matchCriteriaId\":\"F6A4DD8B-06AD-4F13-8F7E-1E2AAF81C119\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0\",\"versionEndExcluding\":\"5.1.1\",\"matchCriteriaId\":\"D91ED5E1-1D75-4B63-B0A2-B2EB6D4AC685\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:thorntech:sftp_gateway_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.4.6\",\"matchCriteriaId\":\"83B1AF39-C0B9-4031-B19A-BDDD4F337273\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"23.09.1\",\"matchCriteriaId\":\"2B71B0EF-888E-45E2-A055-F59CDCC1AFC7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netgate:pfsense_ce:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.7.2\",\"matchCriteriaId\":\"8F23CDF7-2881-4B4E-B84F-4E04F4ED8CCF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.6.0\",\"matchCriteriaId\":\"C1795F7A-203F-400E-B09C-0FAF16D01CFC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:connectbot:sshlib:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.2.22\",\"matchCriteriaId\":\"0D79DDDD-02F0-4C12-BE7F-1B9DF1722C7A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:sshd:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.11.0\",\"matchCriteriaId\":\"E2D7B0CA-C01F-4296-9425-48299E3889C5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:sshj:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.37.0\",\"matchCriteriaId\":\"1C3EB0B8-9E76-4146-AB02-02E20B91D55C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tinyssh:tinyssh:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"20230101\",\"matchCriteriaId\":\"0582468A-149B-429F-978A-2AEDF4BE2606\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trilead:ssh2:6401:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E4BAF06-5A79-46D7-8C4F-E670BD6B7C2D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:9bis:kitty:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.76.1.13\",\"matchCriteriaId\":\"98321BF9-5E8F-4836-842C-47713B1C2775\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gentoo:security:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76BDAFDE-4515-42E6-820F-38AF4A786CF2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:debian:debian_linux:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5920923E-0D52-44E5-801D-10B82846ED58\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0\",\"versionEndExcluding\":\"14.4\",\"matchCriteriaId\":\"73160D1F-755B-46D2-969F-DF8E43BB1099\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2024/Mar/21\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/12/18/3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/12/19/5\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/12/20/3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Mitigation\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/03/06/3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/04/17/8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2023-48795\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://bugs.gentoo.org/920280\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2254210\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1217950\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://crates.io/crates/thrussh/versions\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://filezilla-project.org/versions.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://forum.netgate.com/topic/184941/terrapin-ssh-attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/NixOS/nixpkgs/pull/275249\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/PowerShell/Win32-OpenSSH/issues/2189\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/advisories/GHSA-45x7-px36-x8w8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/mina-sshd/issues/445\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/cyd01/KiTTY/issues/520\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/erlang/otp/releases/tag/OTP-26.2.1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/hierynomus/sshj/issues/916\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/janmojzis/tinyssh/issues/81\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/libssh2/libssh2/pull/1291\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\"]},{\"url\":\"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/mwiede/jsch/issues/457\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/mwiede/jsch/pull/461\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssh/openssh-portable/commits/master\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/paramiko/paramiko/issues/2337\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/proftpd/proftpd/issues/456\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/rapier1/hpn-ssh/releases\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ronf/asyncssh/tags\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ssh-mitm/ssh-mitm/issues/165\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/warp-tech/russh/releases/tag/v0.40.2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://gitlab.com/libssh/libssh-mirror/-/tags\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://help.panic.com/releasenotes/transmit5/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://matt.ucc.asn.au/dropbear/CHANGES\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://news.ycombinator.com/item?id=38684904\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=38685286\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=38732005\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://nova.app/releases/#v11.8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://oryx-embedded.com/download/#changelog\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://roumenpetrov.info/secsh/#news20231220\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2023-48795\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/source-package/libssh2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://security.gentoo.org/glsa/202312-16\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202312-17\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240105-0004/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT214084\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://thorntech.com/cve-2023-48795-and-sftp-gateway/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://twitter.com/TrueSkrillor/status/1736774389725565005\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://ubuntu.com/security/CVE-2023-48795\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://winscp.net/eng/docs/history#6.2.2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.bitvise.com/ssh-client-version-history#933\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.bitvise.com/ssh-server-version-history\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5586\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5588\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.netsarang.com/en/xshell-update-history/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.openssh.com/openbsd.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.openssh.com/txt/release-9.6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/12/18/2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/12/20/3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Mitigation\"]},{\"url\":\"https://www.paramiko.org/changelog.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.terrapin-attack.com\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"https://www.theregister.com/2023/12/20/terrapin_attack_ssh\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.vandyke.com/products/securecrt/history.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2024/Mar/21\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/12/18/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/12/19/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/12/20/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Mitigation\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/03/06/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/04/17/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2023-48795\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://bugs.gentoo.org/920280\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2254210\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1217950\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://crates.io/crates/thrussh/versions\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://filezilla-project.org/versions.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://forum.netgate.com/topic/184941/terrapin-ssh-attack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/NixOS/nixpkgs/pull/275249\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/PowerShell/Win32-OpenSSH/issues/2189\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/advisories/GHSA-45x7-px36-x8w8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/mina-sshd/issues/445\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/cyd01/KiTTY/issues/520\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/erlang/otp/releases/tag/OTP-26.2.1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/hierynomus/sshj/issues/916\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/janmojzis/tinyssh/issues/81\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/libssh2/libssh2/pull/1291\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\"]},{\"url\":\"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/mwiede/jsch/issues/457\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/mwiede/jsch/pull/461\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssh/openssh-portable/commits/master\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/paramiko/paramiko/issues/2337\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/proftpd/proftpd/issues/456\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/rapier1/hpn-ssh/releases\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ronf/asyncssh/tags\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ssh-mitm/ssh-mitm/issues/165\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/warp-tech/russh/releases/tag/v0.40.2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://gitlab.com/libssh/libssh-mirror/-/tags\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://help.panic.com/releasenotes/transmit5/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://matt.ucc.asn.au/dropbear/CHANGES\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://news.ycombinator.com/item?id=38684904\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=38685286\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=38732005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://nova.app/releases/#v11.8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://oryx-embedded.com/download/#changelog\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://roumenpetrov.info/secsh/#news20231220\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2023-48795\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/source-package/libssh2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://security.gentoo.org/glsa/202312-16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202312-17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240105-0004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT214084\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://thorntech.com/cve-2023-48795-and-sftp-gateway/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://twitter.com/TrueSkrillor/status/1736774389725565005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://ubuntu.com/security/CVE-2023-48795\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://winscp.net/eng/docs/history#6.2.2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.bitvise.com/ssh-client-version-history#933\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.bitvise.com/ssh-server-version-history\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5586\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5588\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.netsarang.com/en/xshell-update-history/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.openssh.com/openbsd.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.openssh.com/txt/release-9.6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/12/18/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/12/20/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Mitigation\"]},{\"url\":\"https://www.paramiko.org/changelog.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.terrapin-attack.com\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://www.theregister.com/2023/12/20/terrapin_attack_ssh\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.vandyke.com/products/securecrt/history.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-364175.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-769027.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-794697.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-915275.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit\"}, {\"url\": \"https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability\"}, {\"url\": \"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://matt.ucc.asn.au/dropbear/CHANGES\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.netsarang.com/en/xshell-update-history/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.paramiko.org/changelog.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openssh.com/openbsd.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/openssh/openssh-portable/commits/master\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.bitvise.com/ssh-server-version-history\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/ronf/asyncssh/tags\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://gitlab.com/libssh/libssh-mirror/-/tags\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openssh.com/txt/release-9.6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.terrapin-attack.com\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://thorntech.com/cve-2023-48795-and-sftp-gateway/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/warp-tech/russh/releases/tag/v0.40.2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/12/18/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://twitter.com/TrueSkrillor/status/1736774389725565005\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/paramiko/paramiko/issues/2337\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=38684904\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=38685286\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/18/3\", \"name\": \"[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://github.com/mwiede/jsch/issues/457\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/erlang/otp/releases/tag/OTP-26.2.1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-45x7-px36-x8w8\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/libssh2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2023-48795\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1217950\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2254210\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugs.gentoo.org/920280\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2023-48795\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-48795\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/mwiede/jsch/pull/461\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/libssh2/libssh2/pull/1291\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://forum.netgate.com/topic/184941/terrapin-ssh-attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/rapier1/hpn-ssh/releases\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/proftpd/proftpd/issues/456\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://oryx-embedded.com/download/#changelog\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://crates.io/crates/thrussh/versions\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/NixOS/nixpkgs/pull/275249\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/19/5\", \"name\": \"[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/20/3\", \"name\": \"[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/mina-sshd/issues/445\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/hierynomus/sshj/issues/916\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/janmojzis/tinyssh/issues/81\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/12/20/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/\", \"name\": \"FEDORA-2023-0733306be9\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5586\", \"name\": \"DSA-5586\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.theregister.com/2023/12/20/terrapin_attack_ssh\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://filezilla-project.org/versions.php\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://nova.app/releases/#v11.8\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://roumenpetrov.info/secsh/#news20231220\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.vandyke.com/products/securecrt/history.txt\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://help.panic.com/releasenotes/transmit5/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/issues/2189\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://winscp.net/eng/docs/history#6.2.2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.bitvise.com/ssh-client-version-history#933\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/cyd01/KiTTY/issues/520\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5588\", \"name\": \"DSA-5588\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://github.com/ssh-mitm/ssh-mitm/issues/165\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=38732005\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html\", \"name\": \"[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202312-16\", \"name\": \"GLSA-202312-16\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202312-17\", \"name\": \"GLSA-202312-17\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/\", \"name\": \"FEDORA-2023-20feb865d8\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/\", \"name\": \"FEDORA-2023-cb8c606fbb\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/\", \"name\": \"FEDORA-2023-e77300e4b5\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/\", \"name\": \"FEDORA-2023-b87ec6cf47\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/\", \"name\": \"FEDORA-2023-153404713b\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240105-0004/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/\", \"name\": \"FEDORA-2024-3bb23c77f3\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/\", \"name\": \"FEDORA-2023-55800423a8\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/\", \"name\": \"FEDORA-2024-d946b9ad25\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/\", \"name\": \"FEDORA-2024-71c2c6526c\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/\", \"name\": \"FEDORA-2024-39a8c72ea9\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\", \"name\": \"FEDORA-2024-ae653fb07b\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/\", \"name\": \"FEDORA-2024-2705241461\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\", \"name\": \"FEDORA-2024-fb32950d11\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/\", \"name\": \"FEDORA-2024-7b08207cdb\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/\", \"name\": \"FEDORA-2024-06ebb70bdd\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html\", \"name\": \"[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html\", \"name\": \"[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/\", \"name\": \"FEDORA-2024-a53b24023d\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/\", \"name\": \"FEDORA-2024-3fd1bc9276\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT214084\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Mar/21\", \"name\": \"20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html\", \"name\": \"[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/17/8\", \"name\": \"[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/06/3\", \"name\": \"[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T22:05:21.417Z\"}}, {\"affected\": [{\"vendor\": \"Siemens\", \"product\": \"RUGGEDCOM APE1808\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"x_adpType\": \"supplier\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-794697.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-364175.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-915275.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-769027.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\"}], \"providerMetadata\": {\"orgId\": \"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\", \"shortName\": \"siemens-SADP\", \"dateUpdated\": \"2026-05-12T11:02:25.905Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-48795\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2023-12-22T05:01:05.519910Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-354\", \"description\": \"CWE-354 Improper Validation of Integrity Check Value\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-27T20:45:13.765Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html\"}, {\"url\": \"https://matt.ucc.asn.au/dropbear/CHANGES\"}, {\"url\": \"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES\"}, {\"url\": \"https://www.netsarang.com/en/xshell-update-history/\"}, {\"url\": \"https://www.paramiko.org/changelog.html\"}, {\"url\": \"https://www.openssh.com/openbsd.html\"}, {\"url\": \"https://github.com/openssh/openssh-portable/commits/master\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ\"}, {\"url\": \"https://www.bitvise.com/ssh-server-version-history\"}, {\"url\": \"https://github.com/ronf/asyncssh/tags\"}, {\"url\": \"https://gitlab.com/libssh/libssh-mirror/-/tags\"}, {\"url\": \"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/\"}, {\"url\": \"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42\"}, {\"url\": \"https://www.openssh.com/txt/release-9.6\"}, {\"url\": \"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/\"}, {\"url\": \"https://www.terrapin-attack.com\"}, {\"url\": \"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25\"}, {\"url\": \"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst\"}, {\"url\": \"https://thorntech.com/cve-2023-48795-and-sftp-gateway/\"}, {\"url\": \"https://github.com/warp-tech/russh/releases/tag/v0.40.2\"}, {\"url\": \"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/12/18/2\"}, {\"url\": \"https://twitter.com/TrueSkrillor/status/1736774389725565005\"}, {\"url\": \"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d\"}, {\"url\": \"https://github.com/paramiko/paramiko/issues/2337\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg\"}, {\"url\": \"https://news.ycombinator.com/item?id=38684904\"}, {\"url\": \"https://news.ycombinator.com/item?id=38685286\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/18/3\", \"name\": \"[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://github.com/mwiede/jsch/issues/457\"}, {\"url\": \"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6\"}, {\"url\": \"https://github.com/erlang/otp/releases/tag/OTP-26.2.1\"}, {\"url\": \"https://github.com/advisories/GHSA-45x7-px36-x8w8\"}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/libssh2\"}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg\"}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2023-48795\"}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1217950\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2254210\"}, {\"url\": \"https://bugs.gentoo.org/920280\"}, {\"url\": \"https://ubuntu.com/security/CVE-2023-48795\"}, {\"url\": \"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/\"}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-48795\"}, {\"url\": \"https://github.com/mwiede/jsch/pull/461\"}, {\"url\": \"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6\"}, {\"url\": \"https://github.com/libssh2/libssh2/pull/1291\"}, {\"url\": \"https://forum.netgate.com/topic/184941/terrapin-ssh-attack\"}, {\"url\": \"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5\"}, {\"url\": \"https://github.com/rapier1/hpn-ssh/releases\"}, {\"url\": \"https://github.com/proftpd/proftpd/issues/456\"}, {\"url\": \"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1\"}, {\"url\": \"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15\"}, {\"url\": \"https://oryx-embedded.com/download/#changelog\"}, {\"url\": \"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update\"}, {\"url\": \"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22\"}, {\"url\": \"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab\"}, {\"url\": \"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3\"}, {\"url\": \"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC\"}, {\"url\": \"https://crates.io/crates/thrussh/versions\"}, {\"url\": \"https://github.com/NixOS/nixpkgs/pull/275249\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/19/5\", \"name\": \"[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc\"}, {\"url\": \"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/20/3\", \"name\": \"[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html\"}, {\"url\": \"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES\"}, {\"url\": \"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES\"}, {\"url\": \"https://github.com/apache/mina-sshd/issues/445\"}, {\"url\": \"https://github.com/hierynomus/sshj/issues/916\"}, {\"url\": \"https://github.com/janmojzis/tinyssh/issues/81\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/12/20/3\"}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2\"}, {\"url\": \"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/\", \"name\": \"FEDORA-2023-0733306be9\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5586\", \"name\": \"DSA-5586\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508\"}, {\"url\": \"https://www.theregister.com/2023/12/20/terrapin_attack_ssh\"}, {\"url\": \"https://filezilla-project.org/versions.php\"}, {\"url\": \"https://nova.app/releases/#v11.8\"}, {\"url\": \"https://roumenpetrov.info/secsh/#news20231220\"}, {\"url\": \"https://www.vandyke.com/products/securecrt/history.txt\"}, {\"url\": \"https://help.panic.com/releasenotes/transmit5/\"}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta\"}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/issues/2189\"}, {\"url\": \"https://winscp.net/eng/docs/history#6.2.2\"}, {\"url\": \"https://www.bitvise.com/ssh-client-version-history#933\"}, {\"url\": \"https://github.com/cyd01/KiTTY/issues/520\"}, {\"url\": \"https://www.debian.org/security/2023/dsa-5588\", \"name\": \"DSA-5588\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/ssh-mitm/ssh-mitm/issues/165\"}, {\"url\": \"https://news.ycombinator.com/item?id=38732005\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html\", \"name\": \"[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.gentoo.org/glsa/202312-16\", \"name\": \"GLSA-202312-16\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202312-17\", \"name\": \"GLSA-202312-17\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/\", \"name\": \"FEDORA-2023-20feb865d8\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/\", \"name\": \"FEDORA-2023-cb8c606fbb\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/\", \"name\": \"FEDORA-2023-e77300e4b5\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/\", \"name\": \"FEDORA-2023-b87ec6cf47\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/\", \"name\": \"FEDORA-2023-153404713b\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240105-0004/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/\", \"name\": \"FEDORA-2024-3bb23c77f3\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/\", \"name\": \"FEDORA-2023-55800423a8\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/\", \"name\": \"FEDORA-2024-d946b9ad25\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/\", \"name\": \"FEDORA-2024-71c2c6526c\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/\", \"name\": \"FEDORA-2024-39a8c72ea9\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\", \"name\": \"FEDORA-2024-ae653fb07b\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/\", \"name\": \"FEDORA-2024-2705241461\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\", \"name\": \"FEDORA-2024-fb32950d11\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/\", \"name\": \"FEDORA-2024-7b08207cdb\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/\", \"name\": \"FEDORA-2024-06ebb70bdd\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html\", \"name\": \"[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html\", \"name\": \"[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/\", \"name\": \"FEDORA-2024-a53b24023d\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/\", \"name\": \"FEDORA-2024-3fd1bc9276\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT214084\"}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Mar/21\", \"name\": \"20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html\", \"name\": \"[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/17/8\", \"name\": \"[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/06/3\", \"name\": \"[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins\", \"tags\": [\"mailing-list\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2024-05-01T18:06:23.972Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-48795\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-12T11:02:25.905Z\", \"dateReserved\": \"2023-11-20T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2023-12-18T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
WID-SEC-W-2024-3377
Vulnerability from csaf_certbund - Published: 2024-11-07 23:00 - Updated: 2025-10-12 22:00Summary
Dell PowerProtect Data Domain: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Dell PowerProtect Data Domain Appliances sind speziell für Backup und Daten-Deduplizierung ausgelegte Systeme.
Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen in Dell PowerProtect Data Domain ausnutzen, um seine Privilegien zu erhöhen, Informationen offenzulegen und um nicht näher beschriebene Auswirkungen zu erzielen.
Betroffene Betriebssysteme: - Sonstiges
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
References
5 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Dell PowerProtect Data Domain Appliances sind speziell f\u00fcr Backup und Daten-Deduplizierung ausgelegte Systeme.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Dell PowerProtect Data Domain ausnutzen, um seine Privilegien zu erh\u00f6hen, Informationen offenzulegen und um nicht n\u00e4her beschriebene Auswirkungen zu erzielen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3377 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3377.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3377 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3377"
},
{
"category": "external",
"summary": "Dell Security Update",
"url": "https://www.dell.com/support/kbdoc/de-de/000245360/dsa-2024-424-security-update-for-dell-pdsa-2024-424-security-update-for-dell-powerprotect-dd-vulnerabilityowerprotect-dd-vulnerability"
},
{
"category": "external",
"summary": "Security Update for Dell PowerProtect Data Domain",
"url": "https://www.dell.com/support/kbdoc/en-us/000348708/dsa-2025-159-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03545-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UB7MGNRMXC5LO5Y66FLOE354VVU5ULQK/"
}
],
"source_lang": "en-US",
"title": "Dell PowerProtect Data Domain: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-12T22:00:00.000+00:00",
"generator": {
"date": "2025-10-13T09:30:21.853+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2024-3377",
"initial_release_date": "2024-11-07T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-11-07T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-08-04T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-10-12T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.1.0.0",
"product": {
"name": "Dell PowerProtect Data Domain \u003c8.1.0.0",
"product_id": "T038861"
}
},
{
"category": "product_version",
"name": "8.1.0.0",
"product": {
"name": "Dell PowerProtect Data Domain 8.1.0.0",
"product_id": "T038861-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:8.1.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.13.1.10",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.13.1.10",
"product_id": "T038862"
}
},
{
"category": "product_version",
"name": "7.13.1.10",
"product": {
"name": "Dell PowerProtect Data Domain 7.13.1.10",
"product_id": "T038862-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.13.1.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.10.1.40",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.10.1.40",
"product_id": "T038863"
}
},
{
"category": "product_version",
"name": "7.10.1.40",
"product": {
"name": "Dell PowerProtect Data Domain 7.10.1.40",
"product_id": "T038863-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.10.1.40"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.7.5.50",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.7.5.50",
"product_id": "T038864"
}
},
{
"category": "product_version",
"name": "7.7.5.50",
"product": {
"name": "Dell PowerProtect Data Domain 7.7.5.50",
"product_id": "T038864-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.7.5.50"
}
}
},
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain",
"product": {
"name": "Dell PowerProtect Data Domain",
"product_id": "T045852",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:-"
}
}
}
],
"category": "product_name",
"name": "PowerProtect Data Domain"
},
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain Management Center",
"product": {
"name": "Dell PowerProtect Data Domain Management Center",
"product_id": "T045853",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain_management_center:-"
}
}
},
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain OS",
"product": {
"name": "Dell PowerProtect Data Domain OS",
"product_id": "T045854",
"product_identification_helper": {
"cpe": "cpe:/o:dell:powerprotect_data_domain_os:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45759",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-45759"
},
{
"cve": "CVE-2024-48010",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-48010"
},
{
"cve": "CVE-2024-48011",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-48011"
},
{
"cve": "CVE-2017-16829",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2017-16829"
},
{
"cve": "CVE-2017-5849",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2017-5849"
},
{
"cve": "CVE-2018-7208",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2018-7208"
},
{
"cve": "CVE-2019-14889",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2019-14889"
},
{
"cve": "CVE-2020-12912",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-12912"
},
{
"cve": "CVE-2020-16135",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-16135"
},
{
"cve": "CVE-2020-1730",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-1730"
},
{
"cve": "CVE-2020-24455",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-24455"
},
{
"cve": "CVE-2020-8694",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-8694"
},
{
"cve": "CVE-2020-8695",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-8695"
},
{
"cve": "CVE-2021-27219",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2021-27219"
},
{
"cve": "CVE-2021-3565",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2021-3565"
},
{
"cve": "CVE-2021-3634",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2021-3634"
},
{
"cve": "CVE-2022-1210",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-1210"
},
{
"cve": "CVE-2022-1622",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-1622"
},
{
"cve": "CVE-2022-1996",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-1996"
},
{
"cve": "CVE-2022-22576",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-22576"
},
{
"cve": "CVE-2022-25313",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-25313"
},
{
"cve": "CVE-2022-27774",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-27774"
},
{
"cve": "CVE-2022-27775",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-27775"
},
{
"cve": "CVE-2022-27776",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-27776"
},
{
"cve": "CVE-2022-27781",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-27781"
},
{
"cve": "CVE-2022-27782",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-27782"
},
{
"cve": "CVE-2022-29361",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-29361"
},
{
"cve": "CVE-2022-32205",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-32205"
},
{
"cve": "CVE-2022-32206",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-32206"
},
{
"cve": "CVE-2022-32207",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-32207"
},
{
"cve": "CVE-2022-32208",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-32208"
},
{
"cve": "CVE-2022-32221",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-32221"
},
{
"cve": "CVE-2022-35252",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-35252"
},
{
"cve": "CVE-2022-40023",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-40023"
},
{
"cve": "CVE-2022-40090",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-40090"
},
{
"cve": "CVE-2022-42915",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-42915"
},
{
"cve": "CVE-2022-42916",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-42916"
},
{
"cve": "CVE-2022-43551",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-43551"
},
{
"cve": "CVE-2022-43552",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-43552"
},
{
"cve": "CVE-2022-4603",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-4603"
},
{
"cve": "CVE-2022-48064",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-48064"
},
{
"cve": "CVE-2022-48624",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-48624"
},
{
"cve": "CVE-2023-0461",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-0461"
},
{
"cve": "CVE-2023-1667",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-1667"
},
{
"cve": "CVE-2023-1916",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-1916"
},
{
"cve": "CVE-2023-20592",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-20592"
},
{
"cve": "CVE-2023-2137",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-2137"
},
{
"cve": "CVE-2023-22745",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-22745"
},
{
"cve": "CVE-2023-2283",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-2283"
},
{
"cve": "CVE-2023-23914",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-23914"
},
{
"cve": "CVE-2023-23915",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-23915"
},
{
"cve": "CVE-2023-23916",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-23916"
},
{
"cve": "CVE-2023-23934",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-23934"
},
{
"cve": "CVE-2023-25577",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-25577"
},
{
"cve": "CVE-2023-26965",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-26965"
},
{
"cve": "CVE-2023-27043",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27043"
},
{
"cve": "CVE-2023-2731",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-2731"
},
{
"cve": "CVE-2023-27533",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27533"
},
{
"cve": "CVE-2023-27534",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27534"
},
{
"cve": "CVE-2023-27535",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27535"
},
{
"cve": "CVE-2023-27536",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27536"
},
{
"cve": "CVE-2023-27538",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27538"
},
{
"cve": "CVE-2023-28319",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-28319"
},
{
"cve": "CVE-2023-28320",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-28320"
},
{
"cve": "CVE-2023-28321",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-28321"
},
{
"cve": "CVE-2023-28322",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-28322"
},
{
"cve": "CVE-2023-31083",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-31083"
},
{
"cve": "CVE-2023-34055",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-34055"
},
{
"cve": "CVE-2023-35116",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-35116"
},
{
"cve": "CVE-2023-38286",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38286"
},
{
"cve": "CVE-2023-38469",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38469"
},
{
"cve": "CVE-2023-38471",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38471"
},
{
"cve": "CVE-2023-38472",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38472"
},
{
"cve": "CVE-2023-38545",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38545"
},
{
"cve": "CVE-2023-38546",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38546"
},
{
"cve": "CVE-2023-39197",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-39197"
},
{
"cve": "CVE-2023-39198",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-39198"
},
{
"cve": "CVE-2023-39804",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-39804"
},
{
"cve": "CVE-2023-40217",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-40217"
},
{
"cve": "CVE-2023-42465",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-42465"
},
{
"cve": "CVE-2023-4255",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-4255"
},
{
"cve": "CVE-2023-45139",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-45139"
},
{
"cve": "CVE-2023-45322",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-45322"
},
{
"cve": "CVE-2023-45863",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-45863"
},
{
"cve": "CVE-2023-45871",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-45871"
},
{
"cve": "CVE-2023-46136",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-46136"
},
{
"cve": "CVE-2023-46218",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-46218"
},
{
"cve": "CVE-2023-46219",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-46219"
},
{
"cve": "CVE-2023-46751",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-46751"
},
{
"cve": "CVE-2023-48795",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-49083",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-49083"
},
{
"cve": "CVE-2023-50447",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-50447"
},
{
"cve": "CVE-2023-5049",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-5049"
},
{
"cve": "CVE-2023-50495",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-50495"
},
{
"cve": "CVE-2023-50782",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-50782"
},
{
"cve": "CVE-2023-51257",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-51257"
},
{
"cve": "CVE-2023-52425",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-52425"
},
{
"cve": "CVE-2023-52426",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-52426"
},
{
"cve": "CVE-2023-5678",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-5678"
},
{
"cve": "CVE-2023-5717",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-5717"
},
{
"cve": "CVE-2023-5752",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-5752"
},
{
"cve": "CVE-2023-6004",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-6004"
},
{
"cve": "CVE-2023-6597",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-6597"
},
{
"cve": "CVE-2023-6918",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-6918"
},
{
"cve": "CVE-2023-7207",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-7207"
},
{
"cve": "CVE-2024-0450",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-0450"
},
{
"cve": "CVE-2024-0727",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-0727"
},
{
"cve": "CVE-2024-0985",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-0985"
},
{
"cve": "CVE-2024-21626",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-21626"
},
{
"cve": "CVE-2024-22195",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-22195"
},
{
"cve": "CVE-2024-22365",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-22365"
},
{
"cve": "CVE-2024-23651",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-23651"
},
{
"cve": "CVE-2024-23652",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-23652"
},
{
"cve": "CVE-2024-23653",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-23653"
},
{
"cve": "CVE-2024-23672",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-23672"
},
{
"cve": "CVE-2024-24549",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-24549"
},
{
"cve": "CVE-2024-25062",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-25062"
},
{
"cve": "CVE-2024-26130",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-26130"
},
{
"cve": "CVE-2024-26458",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-26458"
},
{
"cve": "CVE-2024-26461",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-26461"
},
{
"cve": "CVE-2024-28085",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-28085"
},
{
"cve": "CVE-2024-28182",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-28182"
},
{
"cve": "CVE-2024-28219",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-28219"
},
{
"cve": "CVE-2024-28757",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-28757"
}
]
}
WID-SEC-W-2025-0139
Vulnerability from csaf_certbund - Published: 2025-01-21 23:00 - Updated: 2025-01-21 23:00Summary
Oracle Database Server: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Die Oracle Datenbank ist ein weit verbreitetes relationales Datenbanksystem.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Database Server ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server 19.1
Oracle / Database Server
|
cpe:/a:oracle:database_server:19.1
|
19.1 |
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=21.16
Oracle / Database Server
|
<=21.16 | ||
|
Oracle Database Server <=19.25
Oracle / Database Server
|
<=19.25 | ||
|
Oracle Database Server <=23.6
Oracle / Database Server
|
<=23.6 |
In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server 19.1
Oracle / Database Server
|
cpe:/a:oracle:database_server:19.1
|
19.1 |
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=21.16
Oracle / Database Server
|
<=21.16 | ||
|
Oracle Database Server <=19.25
Oracle / Database Server
|
<=19.25 | ||
|
Oracle Database Server <=23.6
Oracle / Database Server
|
<=23.6 |
In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server 19.1
Oracle / Database Server
|
cpe:/a:oracle:database_server:19.1
|
19.1 |
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=21.16
Oracle / Database Server
|
<=21.16 | ||
|
Oracle Database Server <=19.25
Oracle / Database Server
|
<=19.25 | ||
|
Oracle Database Server <=23.6
Oracle / Database Server
|
<=23.6 |
In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server 19.1
Oracle / Database Server
|
cpe:/a:oracle:database_server:19.1
|
19.1 |
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=21.16
Oracle / Database Server
|
<=21.16 | ||
|
Oracle Database Server <=19.25
Oracle / Database Server
|
<=19.25 | ||
|
Oracle Database Server <=23.6
Oracle / Database Server
|
<=23.6 |
In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server 19.1
Oracle / Database Server
|
cpe:/a:oracle:database_server:19.1
|
19.1 |
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=21.16
Oracle / Database Server
|
<=21.16 | ||
|
Oracle Database Server <=19.25
Oracle / Database Server
|
<=19.25 | ||
|
Oracle Database Server <=23.6
Oracle / Database Server
|
<=23.6 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Oracle Datenbank ist ein weit verbreitetes relationales Datenbanksystem.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Database Server ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0139 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0139.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0139 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0139"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2025 - Appendix Oracle Database Server vom 2025-01-21",
"url": "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixDB"
}
],
"source_lang": "en-US",
"title": "Oracle Database Server: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-01-21T23:00:00.000+00:00",
"generator": {
"date": "2025-01-22T09:03:48.441+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2025-0139",
"initial_release_date": "2025-01-21T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-21T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "19.1",
"product": {
"name": "Oracle Database Server 19.1",
"product_id": "1137730",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:database_server:19.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=23.6",
"product": {
"name": "Oracle Database Server \u003c=23.6",
"product_id": "T040427"
}
},
{
"category": "product_version_range",
"name": "\u003c=23.6",
"product": {
"name": "Oracle Database Server \u003c=23.6",
"product_id": "T040427-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=19.25",
"product": {
"name": "Oracle Database Server \u003c=19.25",
"product_id": "T040428"
}
},
{
"category": "product_version_range",
"name": "\u003c=19.25",
"product": {
"name": "Oracle Database Server \u003c=19.25",
"product_id": "T040428-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=21.16",
"product": {
"name": "Oracle Database Server \u003c=21.16",
"product_id": "T040429"
}
},
{
"category": "product_version_range",
"name": "\u003c=21.16",
"product": {
"name": "Oracle Database Server \u003c=21.16",
"product_id": "T040429-fixed"
}
}
],
"category": "product_name",
"name": "Database Server"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-26345",
"notes": [
{
"category": "description",
"text": "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1137730"
],
"last_affected": [
"T040429",
"T040428",
"T040427"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2022-26345"
},
{
"cve": "CVE-2023-48795",
"notes": [
{
"category": "description",
"text": "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1137730"
],
"last_affected": [
"T040429",
"T040428",
"T040427"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1137730"
],
"last_affected": [
"T040429",
"T040428",
"T040427"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-21211",
"notes": [
{
"category": "description",
"text": "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1137730"
],
"last_affected": [
"T040429",
"T040428",
"T040427"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-21211"
},
{
"cve": "CVE-2025-21553",
"notes": [
{
"category": "description",
"text": "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"1137730"
],
"last_affected": [
"T040429",
"T040428",
"T040427"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21553"
}
]
}
WID-SEC-W-2025-0144
Vulnerability from csaf_certbund - Published: 2025-01-21 23:00 - Updated: 2025-01-21 23:00Summary
Oracle Financial Services Applications: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Financial Services ist eine Zusammenstellung von Anwendungen für den Finanzsektor und eine Technologiebasis zur Erfüllung von IT- und Geschäftsanforderungen.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Financial Services ist eine Zusammenstellung von Anwendungen f\u00fcr den Finanzsektor und eine Technologiebasis zur Erf\u00fcllung von IT- und Gesch\u00e4ftsanforderungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0144 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0144.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0144 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0144"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2025 - Appendix Oracle Financial Services Applications vom 2025-01-21",
"url": "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixIFLX"
}
],
"source_lang": "en-US",
"title": "Oracle Financial Services Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-01-21T23:00:00.000+00:00",
"generator": {
"date": "2025-01-22T09:43:52.607+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2025-0144",
"initial_release_date": "2025-01-21T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-21T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "8.0.8",
"product": {
"name": "Oracle Financial Services Applications 8.0.8",
"product_id": "T021677",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8"
}
}
},
{
"category": "product_version",
"name": "8.0.8.1",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.1",
"product_id": "T022844",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.1"
}
}
},
{
"category": "product_version",
"name": "8.1.2.5",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.5",
"product_id": "T028706",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.5"
}
}
},
{
"category": "product_version",
"name": "8.1.2.6",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.6",
"product_id": "T032104",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.6"
}
}
},
{
"category": "product_version",
"name": "8.1.2.7",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.7",
"product_id": "T036217",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.7"
}
}
},
{
"category": "product_version",
"name": "8.1.2.8",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.8",
"product_id": "T038392",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.8"
}
}
},
{
"category": "product_version",
"name": "14.7.5.0.0",
"product": {
"name": "Oracle Financial Services Applications 14.7.5.0.0",
"product_id": "T038393",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.7.5.0.0"
}
}
},
{
"category": "product_version",
"name": "8.0.7.8",
"product": {
"name": "Oracle Financial Services Applications 8.0.7.8",
"product_id": "T040464",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.7.8"
}
}
},
{
"category": "product_version",
"name": "8.0.8.6",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.6",
"product_id": "T040465",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.6"
}
}
},
{
"category": "product_version",
"name": "8.1.3.0",
"product": {
"name": "Oracle Financial Services Applications 8.1.3.0",
"product_id": "T040466",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.3.0"
}
}
},
{
"category": "product_version",
"name": "2.9.0.0.0-7.0.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0",
"product_id": "T040516",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0"
}
}
},
{
"category": "product_version",
"name": "14.4.0.0.0-14.7.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0",
"product_id": "T040517",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0"
}
}
}
],
"category": "product_name",
"name": "Financial Services Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2022-34169"
},
{
"cve": "CVE-2023-26031",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-26031"
},
{
"cve": "CVE-2023-33201",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-33201"
},
{
"cve": "CVE-2023-39410",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-39410"
},
{
"cve": "CVE-2023-44483",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-44483"
},
{
"cve": "CVE-2023-48795",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-51074",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-51074"
},
{
"cve": "CVE-2023-52070",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-52070"
},
{
"cve": "CVE-2024-28219",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-28219"
},
{
"cve": "CVE-2024-34064",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-34064"
},
{
"cve": "CVE-2024-34750",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2024-35195",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-35195"
},
{
"cve": "CVE-2024-38819",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38827",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-38827"
},
{
"cve": "CVE-2024-45492",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2025-21550",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21550"
}
]
}
WID-SEC-W-2025-0168
Vulnerability from csaf_certbund - Published: 2025-01-21 23:00 - Updated: 2025-01-21 23:00Summary
Oracle JD Edwards: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Die Komponenten der Oracle JDEdwards sind vollständig integrierte und komplette Lösungen geschäftlicher Anwendungen (ERP) für Unternehmen.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle JD Edwards ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle JD Edwards <9.2.9.2
Oracle / JD Edwards
|
<9.2.9.2 | ||
|
Oracle JD Edwards <9.2.9.0
Oracle / JD Edwards
|
<9.2.9.0 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Komponenten der Oracle JDEdwards sind vollst\u00e4ndig integrierte und komplette L\u00f6sungen gesch\u00e4ftlicher Anwendungen (ERP) f\u00fcr Unternehmen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle JD Edwards ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0168 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0168.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0168 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0168"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2025 - Appendix Oracle JD Edwards vom 2025-01-21",
"url": "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixJDE"
}
],
"source_lang": "en-US",
"title": "Oracle JD Edwards: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-01-21T23:00:00.000+00:00",
"generator": {
"date": "2025-01-22T12:43:53.020+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2025-0168",
"initial_release_date": "2025-01-21T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-21T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.2.9.0",
"product": {
"name": "Oracle JD Edwards \u003c9.2.9.0",
"product_id": "T040474"
}
},
{
"category": "product_version",
"name": "9.2.9.0",
"product": {
"name": "Oracle JD Edwards 9.2.9.0",
"product_id": "T040474-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:jd_edwards_enterpriseone:9.2.9.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.9.2",
"product": {
"name": "Oracle JD Edwards \u003c9.2.9.2",
"product_id": "T040475"
}
},
{
"category": "product_version",
"name": "9.2.9.2",
"product": {
"name": "Oracle JD Edwards 9.2.9.2",
"product_id": "T040475-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:jd_edwards_enterpriseone:9.2.9.2"
}
}
}
],
"category": "product_name",
"name": "JD Edwards"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2976",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-2976"
},
{
"cve": "CVE-2023-3961",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-3961"
},
{
"cve": "CVE-2023-4782",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-4782"
},
{
"cve": "CVE-2023-48795",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-6129",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-6129"
},
{
"cve": "CVE-2024-21245",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-21245"
},
{
"cve": "CVE-2024-27280",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-27280"
},
{
"cve": "CVE-2024-27983",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-27983"
},
{
"cve": "CVE-2024-29041",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-29041"
},
{
"cve": "CVE-2025-21507",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21507"
},
{
"cve": "CVE-2025-21508",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21508"
},
{
"cve": "CVE-2025-21509",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21509"
},
{
"cve": "CVE-2025-21510",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21510"
},
{
"cve": "CVE-2025-21511",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21511"
},
{
"cve": "CVE-2025-21512",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21512"
},
{
"cve": "CVE-2025-21513",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21513"
},
{
"cve": "CVE-2025-21514",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21514"
},
{
"cve": "CVE-2025-21515",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21515"
},
{
"cve": "CVE-2025-21517",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21517"
},
{
"cve": "CVE-2025-21524",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21524"
},
{
"cve": "CVE-2025-21527",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21527"
},
{
"cve": "CVE-2025-21538",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21538"
},
{
"cve": "CVE-2025-21552",
"notes": [
{
"category": "description",
"text": "In Oracle JD Edwards existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T040475",
"T040474"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21552"
}
]
}
WID-SEC-W-2025-0810
Vulnerability from csaf_certbund - Published: 2025-04-15 22:00 - Updated: 2025-04-15 22:00Summary
Oracle Retail Applications: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Retail Applications ist eine Sammlung von Produkten zur Unterstützung u. a. von Handelsfirmen und der Gastronomie.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Retail Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.1
|
19.1 | |
|
Oracle Retail Applications 19.0.6
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.6
|
19.0.6 | |
|
Oracle Retail Applications 20.0.5
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.5
|
20.0.5 | |
|
Oracle Retail Applications 21.0.4
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:21.0.4
|
21.0.4 | |
|
Oracle Retail Applications 22.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:22.0.2
|
22.0.2 | |
|
Oracle Retail Applications 23.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.2
|
23.0.2 | |
|
Oracle Retail Applications 24.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:24.0.1
|
24.0.1 | |
|
Oracle Retail Applications 16.0.3.16
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3.16
|
16.0.3.16 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.1
|
19.1 | |
|
Oracle Retail Applications 19.0.6
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.6
|
19.0.6 | |
|
Oracle Retail Applications 20.0.5
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.5
|
20.0.5 | |
|
Oracle Retail Applications 21.0.4
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:21.0.4
|
21.0.4 | |
|
Oracle Retail Applications 22.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:22.0.2
|
22.0.2 | |
|
Oracle Retail Applications 23.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.2
|
23.0.2 | |
|
Oracle Retail Applications 24.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:24.0.1
|
24.0.1 | |
|
Oracle Retail Applications 16.0.3.16
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3.16
|
16.0.3.16 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.1
|
19.1 | |
|
Oracle Retail Applications 19.0.6
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.6
|
19.0.6 | |
|
Oracle Retail Applications 20.0.5
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.5
|
20.0.5 | |
|
Oracle Retail Applications 21.0.4
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:21.0.4
|
21.0.4 | |
|
Oracle Retail Applications 22.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:22.0.2
|
22.0.2 | |
|
Oracle Retail Applications 23.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.2
|
23.0.2 | |
|
Oracle Retail Applications 24.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:24.0.1
|
24.0.1 | |
|
Oracle Retail Applications 16.0.3.16
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3.16
|
16.0.3.16 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.1
|
19.1 | |
|
Oracle Retail Applications 19.0.6
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.6
|
19.0.6 | |
|
Oracle Retail Applications 20.0.5
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.5
|
20.0.5 | |
|
Oracle Retail Applications 21.0.4
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:21.0.4
|
21.0.4 | |
|
Oracle Retail Applications 22.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:22.0.2
|
22.0.2 | |
|
Oracle Retail Applications 23.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.2
|
23.0.2 | |
|
Oracle Retail Applications 24.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:24.0.1
|
24.0.1 | |
|
Oracle Retail Applications 16.0.3.16
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3.16
|
16.0.3.16 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.1
|
19.1 | |
|
Oracle Retail Applications 19.0.6
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.6
|
19.0.6 | |
|
Oracle Retail Applications 20.0.5
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.5
|
20.0.5 | |
|
Oracle Retail Applications 21.0.4
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:21.0.4
|
21.0.4 | |
|
Oracle Retail Applications 22.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:22.0.2
|
22.0.2 | |
|
Oracle Retail Applications 23.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.2
|
23.0.2 | |
|
Oracle Retail Applications 24.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:24.0.1
|
24.0.1 | |
|
Oracle Retail Applications 16.0.3.16
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3.16
|
16.0.3.16 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.1
|
19.1 | |
|
Oracle Retail Applications 19.0.6
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.6
|
19.0.6 | |
|
Oracle Retail Applications 20.0.5
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.5
|
20.0.5 | |
|
Oracle Retail Applications 21.0.4
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:21.0.4
|
21.0.4 | |
|
Oracle Retail Applications 22.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:22.0.2
|
22.0.2 | |
|
Oracle Retail Applications 23.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.2
|
23.0.2 | |
|
Oracle Retail Applications 24.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:24.0.1
|
24.0.1 | |
|
Oracle Retail Applications 16.0.3.16
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3.16
|
16.0.3.16 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.1
|
19.1 | |
|
Oracle Retail Applications 19.0.6
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.6
|
19.0.6 | |
|
Oracle Retail Applications 20.0.5
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.5
|
20.0.5 | |
|
Oracle Retail Applications 21.0.4
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:21.0.4
|
21.0.4 | |
|
Oracle Retail Applications 22.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:22.0.2
|
22.0.2 | |
|
Oracle Retail Applications 23.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.2
|
23.0.2 | |
|
Oracle Retail Applications 24.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:24.0.1
|
24.0.1 | |
|
Oracle Retail Applications 16.0.3.16
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3.16
|
16.0.3.16 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.1
|
19.1 | |
|
Oracle Retail Applications 19.0.6
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.6
|
19.0.6 | |
|
Oracle Retail Applications 20.0.5
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.5
|
20.0.5 | |
|
Oracle Retail Applications 21.0.4
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:21.0.4
|
21.0.4 | |
|
Oracle Retail Applications 22.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:22.0.2
|
22.0.2 | |
|
Oracle Retail Applications 23.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.2
|
23.0.2 | |
|
Oracle Retail Applications 24.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:24.0.1
|
24.0.1 | |
|
Oracle Retail Applications 16.0.3.16
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3.16
|
16.0.3.16 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.1
|
19.1 | |
|
Oracle Retail Applications 19.0.6
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.6
|
19.0.6 | |
|
Oracle Retail Applications 20.0.5
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.5
|
20.0.5 | |
|
Oracle Retail Applications 21.0.4
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:21.0.4
|
21.0.4 | |
|
Oracle Retail Applications 22.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:22.0.2
|
22.0.2 | |
|
Oracle Retail Applications 23.0.2
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.2
|
23.0.2 | |
|
Oracle Retail Applications 24.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:24.0.1
|
24.0.1 | |
|
Oracle Retail Applications 16.0.3.16
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3.16
|
16.0.3.16 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Retail Applications ist eine Sammlung von Produkten zur Unterst\u00fctzung u. a. von Handelsfirmen und der Gastronomie.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Retail Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0810 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0810.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0810 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0810"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2025 - Appendix Oracle Retail Applications vom 2025-04-15",
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixRAPP"
}
],
"source_lang": "en-US",
"title": "Oracle Retail Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-04-15T22:00:00.000+00:00",
"generator": {
"date": "2025-04-16T09:16:00.144+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0810",
"initial_release_date": "2025-04-15T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-04-15T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "19.1",
"product": {
"name": "Oracle Retail Applications 19.1",
"product_id": "T021710",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:19.1"
}
}
},
{
"category": "product_version",
"name": "16.0.3.16",
"product": {
"name": "Oracle Retail Applications 16.0.3.16",
"product_id": "T042829",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:16.0.3.16"
}
}
},
{
"category": "product_version",
"name": "19.0.6",
"product": {
"name": "Oracle Retail Applications 19.0.6",
"product_id": "T042830",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:19.0.6"
}
}
},
{
"category": "product_version",
"name": "20.0.5",
"product": {
"name": "Oracle Retail Applications 20.0.5",
"product_id": "T042831",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:20.0.5"
}
}
},
{
"category": "product_version",
"name": "21.0.4",
"product": {
"name": "Oracle Retail Applications 21.0.4",
"product_id": "T042832",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:21.0.4"
}
}
},
{
"category": "product_version",
"name": "22.0.2",
"product": {
"name": "Oracle Retail Applications 22.0.2",
"product_id": "T042833",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:22.0.2"
}
}
},
{
"category": "product_version",
"name": "23.0.2",
"product": {
"name": "Oracle Retail Applications 23.0.2",
"product_id": "T042834",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:23.0.2"
}
}
},
{
"category": "product_version",
"name": "24.0.1",
"product": {
"name": "Oracle Retail Applications 24.0.1",
"product_id": "T042835",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:24.0.1"
}
}
}
],
"category": "product_name",
"name": "Retail Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34381",
"product_status": {
"known_affected": [
"T021710",
"T042830",
"T042831",
"T042832",
"T042833",
"T042834",
"T042835",
"T042829"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2022-34381"
},
{
"cve": "CVE-2023-24998",
"product_status": {
"known_affected": [
"T021710",
"T042830",
"T042831",
"T042832",
"T042833",
"T042834",
"T042835",
"T042829"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2023-24998"
},
{
"cve": "CVE-2023-40167",
"product_status": {
"known_affected": [
"T021710",
"T042830",
"T042831",
"T042832",
"T042833",
"T042834",
"T042835",
"T042829"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2023-40167"
},
{
"cve": "CVE-2023-46589",
"product_status": {
"known_affected": [
"T021710",
"T042830",
"T042831",
"T042832",
"T042833",
"T042834",
"T042835",
"T042829"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2023-46589"
},
{
"cve": "CVE-2023-48795",
"product_status": {
"known_affected": [
"T021710",
"T042830",
"T042831",
"T042832",
"T042833",
"T042834",
"T042835",
"T042829"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-51074",
"product_status": {
"known_affected": [
"T021710",
"T042830",
"T042831",
"T042832",
"T042833",
"T042834",
"T042835",
"T042829"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2023-51074"
},
{
"cve": "CVE-2024-22243",
"product_status": {
"known_affected": [
"T021710",
"T042830",
"T042831",
"T042832",
"T042833",
"T042834",
"T042835",
"T042829"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-22243"
},
{
"cve": "CVE-2024-29025",
"product_status": {
"known_affected": [
"T021710",
"T042830",
"T042831",
"T042832",
"T042833",
"T042834",
"T042835",
"T042829"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-29025"
},
{
"cve": "CVE-2024-47554",
"product_status": {
"known_affected": [
"T021710",
"T042830",
"T042831",
"T042832",
"T042833",
"T042834",
"T042835",
"T042829"
]
},
"release_date": "2025-04-15T22:00:00.000+00:00",
"title": "CVE-2024-47554"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…