Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-6119 (GCVE-0-2024-6119)
Vulnerability from cvelistv5 – Published: 2024-09-03 15:58 – Updated: 2026-05-12 11:39- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
| Vendor | Product | Version | |
|---|---|---|---|
| OpenSSL | OpenSSL |
Affected:
3.3.0 , < 3.3.2
(semver)
Affected: 3.2.0 , < 3.2.3 (semver) Affected: 3.1.0 , < 3.1.7 (semver) Affected: 3.0.0 , < 3.0.15 (semver) |
|
| openssl | openssl |
Affected:
3.3.0 , < 3.3.2
(custom)
Affected: 3.2.0 , < 3.2.3 (custom) Affected: 3.1.0 , < 3.1.7 (custom) Affected: 3.0.0 , < 3.0.15 (custom) cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* |
|
| Siemens | RUGGEDCOM RST2428P |
Affected:
0 , < V3.1
(custom)
|
|
| Siemens | SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family |
Unaffected:
0 , < *
(custom)
|
|
| Siemens | SCALANCE XCM-/XRM-/XCH-/XRH-300 family |
Affected:
0 , < V3.1
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-09-12T16:03:01.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/09/03/4"
},
{
"url": "https://lists.freebsd.org/archives/freebsd-security/2024-September/000303.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240912-0001/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "openssl",
"vendor": "openssl",
"versions": [
{
"lessThan": "3.3.2",
"status": "affected",
"version": "3.3.0",
"versionType": "custom"
},
{
"lessThan": "3.2.3",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.1.7",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.0.15",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-6119",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-03T20:20:39.935362Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T20:25:47.056Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RST2428P",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T11:39:25.102Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-769027.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"lessThan": "3.3.2",
"status": "affected",
"version": "3.3.0",
"versionType": "semver"
},
{
"lessThan": "3.2.3",
"status": "affected",
"version": "3.2.0",
"versionType": "semver"
},
{
"lessThan": "3.1.7",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
},
{
"lessThan": "3.0.15",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "David Benjamin (Google)"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Viktor Dukhovni"
}
],
"datePublic": "2024-09-03T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Issue summary: Applications performing certificate name checks (e.g., TLS\u003cbr\u003eclients checking server certificates) may attempt to read an invalid memory\u003cbr\u003eaddress resulting in abnormal termination of the application process.\u003cbr\u003e\u003cbr\u003eImpact summary: Abnormal termination of an application can a cause a denial of\u003cbr\u003eservice.\u003cbr\u003e\u003cbr\u003eApplications performing certificate name checks (e.g., TLS clients checking\u003cbr\u003eserver certificates) may attempt to read an invalid memory address when\u003cbr\u003ecomparing the expected name with an `otherName` subject alternative name of an\u003cbr\u003eX.509 certificate. This may result in an exception that terminates the\u003cbr\u003eapplication program.\u003cbr\u003e\u003cbr\u003eNote that basic certificate chain validation (signatures, dates, ...) is not\u003cbr\u003eaffected, the denial of service can occur only when the application also\u003cbr\u003especifies an expected DNS name, Email address or IP address.\u003cbr\u003e\u003cbr\u003eTLS servers rarely solicit client certificates, and even when they do, they\u003cbr\u003egenerally don\u0027t perform a name check against a reference identifier (expected\u003cbr\u003eidentity), but rather extract the presented identity after checking the\u003cbr\u003ecertificate chain. So TLS servers are generally not affected and the severity\u003cbr\u003eof the issue is Moderate.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue."
}
],
"value": "Issue summary: Applications performing certificate name checks (e.g., TLS\nclients checking server certificates) may attempt to read an invalid memory\naddress resulting in abnormal termination of the application process.\n\nImpact summary: Abnormal termination of an application can a cause a denial of\nservice.\n\nApplications performing certificate name checks (e.g., TLS clients checking\nserver certificates) may attempt to read an invalid memory address when\ncomparing the expected name with an `otherName` subject alternative name of an\nX.509 certificate. This may result in an exception that terminates the\napplication program.\n\nNote that basic certificate chain validation (signatures, dates, ...) is not\naffected, the denial of service can occur only when the application also\nspecifies an expected DNS name, Email address or IP address.\n\nTLS servers rarely solicit client certificates, and even when they do, they\ngenerally don\u0027t perform a name check against a reference identifier (expected\nidentity), but rather extract the presented identity after checking the\ncertificate chain. So TLS servers are generally not affected and the severity\nof the issue is Moderate.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue."
}
],
"metrics": [
{
"format": "other",
"other": {
"content": {
"text": "Moderate"
},
"type": "https://www.openssl.org/policies/secpolicy.html"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T15:58:06.970Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://openssl-library.org/news/secadv/20240903.txt"
},
{
"name": "3.3.2 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0"
},
{
"name": "3.2.3 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/05f360d9e849a1b277db628f1f13083a7f8dd04f"
},
{
"name": "3.1.7 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/621f3729831b05ee828a3203eddb621d014ff2b2"
},
{
"name": "3.0.15 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Possible denial of service in X.509 name checks",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2024-6119",
"datePublished": "2024-09-03T15:58:06.970Z",
"dateReserved": "2024-06-18T09:24:11.739Z",
"dateUpdated": "2026-05-12T11:39:25.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-6119",
"date": "2026-06-30",
"epss": "0.66594",
"percentile": "0.99192"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-6119\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2024-09-03T16:15:07.177\",\"lastModified\":\"2026-06-17T08:17:19.693\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Issue summary: Applications performing certificate name checks (e.g., TLS\\nclients checking server certificates) may attempt to read an invalid memory\\naddress resulting in abnormal termination of the application process.\\n\\nImpact summary: Abnormal termination of an application can a cause a denial of\\nservice.\\n\\nApplications performing certificate name checks (e.g., TLS clients checking\\nserver certificates) may attempt to read an invalid memory address when\\ncomparing the expected name with an `otherName` subject alternative name of an\\nX.509 certificate. This may result in an exception that terminates the\\napplication program.\\n\\nNote that basic certificate chain validation (signatures, dates, ...) is not\\naffected, the denial of service can occur only when the application also\\nspecifies an expected DNS name, Email address or IP address.\\n\\nTLS servers rarely solicit client certificates, and even when they do, they\\ngenerally don\u0027t perform a name check against a reference identifier (expected\\nidentity), but rather extract the presented identity after checking the\\ncertificate chain. So TLS servers are generally not affected and the severity\\nof the issue is Moderate.\\n\\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.\"},{\"lang\":\"es\",\"value\":\"Resumen del problema: Las aplicaciones que realizan comprobaciones de nombres de certificados (por ejemplo, clientes TLS que comprueban certificados de servidor) pueden intentar leer una direcci\u00f3n de memoria no v\u00e1lida, lo que da como resultado la finalizaci\u00f3n anormal del proceso de la aplicaci\u00f3n. Resumen del impacto: La finalizaci\u00f3n anormal de una aplicaci\u00f3n puede causar una denegaci\u00f3n de servicio. Las aplicaciones que realizan comprobaciones de nombres de certificados (por ejemplo, clientes TLS que comprueban certificados de servidor) pueden intentar leer una direcci\u00f3n de memoria no v\u00e1lida al comparar el nombre esperado con un nombre alternativo de sujeto `otherName` de un certificado X.509. Esto puede dar como resultado una excepci\u00f3n que finalice el programa de aplicaci\u00f3n. Tenga en cuenta que la validaci\u00f3n b\u00e1sica de la cadena de certificados (firmas, fechas, ...) no se ve afectada, la denegaci\u00f3n de servicio puede ocurrir solo cuando la aplicaci\u00f3n tambi\u00e9n especifica un nombre DNS, una direcci\u00f3n de correo electr\u00f3nico o una direcci\u00f3n IP esperados. Los servidores TLS rara vez solicitan certificados de cliente, e incluso cuando lo hacen, generalmente no realizan una comprobaci\u00f3n de nombre contra un identificador de referencia (identidad esperada), sino que extraen la identidad presentada despu\u00e9s de comprobar la cadena de certificados. Por lo tanto, los servidores TLS generalmente no se ven afectados y la gravedad del problema es moderada. Los m\u00f3dulos FIPS en 3.3, 3.2, 3.1 y 3.0 no se ven afectados por este problema.\"}],\"affected\":[{\"source\":\"openssl-security@openssl.org\",\"affectedData\":[{\"vendor\":\"OpenSSL\",\"product\":\"OpenSSL\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"3.3.0\",\"lessThan\":\"3.3.2\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.2.0\",\"lessThan\":\"3.2.3\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.1.0\",\"lessThan\":\"3.1.7\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.0.0\",\"lessThan\":\"3.0.15\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"affectedData\":[{\"vendor\":\"openssl\",\"product\":\"openssl\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\"],\"versions\":[{\"version\":\"3.3.0\",\"lessThan\":\"3.3.2\",\"versionType\":\"custom\",\"status\":\"affected\"},{\"version\":\"3.2.0\",\"lessThan\":\"3.2.3\",\"versionType\":\"custom\",\"status\":\"affected\"},{\"version\":\"3.1.0\",\"lessThan\":\"3.1.7\",\"versionType\":\"custom\",\"status\":\"affected\"},{\"version\":\"3.0.0\",\"lessThan\":\"3.0.15\",\"versionType\":\"custom\",\"status\":\"affected\"}]}]},{\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"affectedData\":[{\"vendor\":\"Siemens\",\"product\":\"RUGGEDCOM RST2428P\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.1\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"unaffected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SCALANCE XCM-/XRM-/XCH-/XRH-300 family\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.1\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2024-09-03T20:20:39.935362Z\",\"id\":\"CVE-2024-6119\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"openssl-security@openssl.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-843\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-843\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.0.15\",\"matchCriteriaId\":\"F6B2B529-0ABC-49F4-BD03-380F291A84D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.0\",\"versionEndExcluding\":\"3.1.7\",\"matchCriteriaId\":\"30CD2859-B247-4957-A511-0FE284AA4A3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.2.0\",\"versionEndExcluding\":\"3.2.3\",\"matchCriteriaId\":\"B822EA84-566B-44F2-9485-8A97103249D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.3.0\",\"versionEndExcluding\":\"3.3.2\",\"matchCriteriaId\":\"37FD7956-A868-459B-90EA-C0D2DCF63AFC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDAC85F0-93AF-4BE3-AE1A-8ADAF1CDF9AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD886814-B4A0-4764-9F08-2060601D8E89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7CF3019-975D-40BB-A8A4-894E62BD3797\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"C2D814BE-93EC-42EF-88C5-EA7E7DF07BE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:brocade_fabric_operating_system:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2119FFC-08F9-4C3F-881C-9C72916BC652\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6770B6C3-732E-4E22-BF1C-2D2FD610061C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9C8C20-42EB-4AB5-BD97-212DEB070C43\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FFF7106-ED78-49BA-9EC5-B889E3685D53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E63D8B0F-006E-4801-BF9D-1C001BBFB4F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56409CEC-5A1E-4450-AA42-641E459CC2AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B06F4839-D16A-4A61-9BB5-55B13F41E47F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0B4AD8A-F172-4558-AEC6-FF424BA2D912\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8497A4C9-8474-4A62-8331-3FE862ED4098\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDF61B7-EC5C-467C-B710-B89F502CD04F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89612649-BACF-4FAC-9BA4-324724FD93A6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D9B255-C1AF-42D1-BF9B-13642FBDC080\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD7CFE0E-9D1E-4495-B302-89C3096FC0DF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F63A3FA7-AAED-4A9D-9FDE-6195302DA0F6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7296A1F2-D315-4FD5-8A73-65C480C855BE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5921A877-18BF-43FE-915C-D226E140ACFC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95BA156C-C977-4F0C-8DFB-3FAE9CC8C02D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD7447BC-F315-4298-A822-549942FC118B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1236B66D-EB11-4324-929F-E2B86683C3C7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"281DFC67-46BB-4FC2-BE03-3C65C9311F65\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECF32BB1-9A58-4821-AE49-5D5C8200631F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F21DE67F-CDFD-4D36-9967-633CD0240C6F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:c250_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1AB1EC2-2560-494A-A51B-6F20CE318FEB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:c250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58DE2B52-4E49-4CD0-9310-00291B0352C7\"}]}]}],\"references\":[{\"url\":\"https://github.com/openssl/openssl/commit/05f360d9e849a1b277db628f1f13083a7f8dd04f\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssl/openssl/commit/06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssl/openssl/commit/621f3729831b05ee828a3203eddb621d014ff2b2\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssl/openssl/commit/7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://openssl-library.org/news/secadv/20240903.txt\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/09/03/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.freebsd.org/archives/freebsd-security/2024-September/000303.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240912-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-613116.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-769027.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2024/09/03/4\"}, {\"url\": \"https://lists.freebsd.org/archives/freebsd-security/2024-September/000303.html\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240912-0001/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-09-12T16:03:01.704Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-6119\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-03T20:20:39.935362Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\"], \"vendor\": \"openssl\", \"product\": \"openssl\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.3.0\", \"lessThan\": \"3.3.2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.2.0\", \"lessThan\": \"3.2.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.1.0\", \"lessThan\": \"3.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.15\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-03T20:25:42.826Z\"}}], \"cna\": {\"title\": \"Possible denial of service in X.509 name checks\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"David Benjamin (Google)\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Viktor Dukhovni\"}], \"metrics\": [{\"other\": {\"type\": \"https://www.openssl.org/policies/secpolicy.html\", \"content\": {\"text\": \"Moderate\"}}, \"format\": \"other\"}], \"affected\": [{\"vendor\": \"OpenSSL\", \"product\": \"OpenSSL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.3.0\", \"lessThan\": \"3.3.2\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.2.0\", \"lessThan\": \"3.2.3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.1.0\", \"lessThan\": \"3.1.7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.15\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2024-09-03T14:00:00.000Z\", \"references\": [{\"url\": \"https://openssl-library.org/news/secadv/20240903.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0\", \"name\": \"3.3.2 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/05f360d9e849a1b277db628f1f13083a7f8dd04f\", \"name\": \"3.2.3 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/621f3729831b05ee828a3203eddb621d014ff2b2\", \"name\": \"3.1.7 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6\", \"name\": \"3.0.15 git commit\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Issue summary: Applications performing certificate name checks (e.g., TLS\\nclients checking server certificates) may attempt to read an invalid memory\\naddress resulting in abnormal termination of the application process.\\n\\nImpact summary: Abnormal termination of an application can a cause a denial of\\nservice.\\n\\nApplications performing certificate name checks (e.g., TLS clients checking\\nserver certificates) may attempt to read an invalid memory address when\\ncomparing the expected name with an `otherName` subject alternative name of an\\nX.509 certificate. This may result in an exception that terminates the\\napplication program.\\n\\nNote that basic certificate chain validation (signatures, dates, ...) is not\\naffected, the denial of service can occur only when the application also\\nspecifies an expected DNS name, Email address or IP address.\\n\\nTLS servers rarely solicit client certificates, and even when they do, they\\ngenerally don\u0027t perform a name check against a reference identifier (expected\\nidentity), but rather extract the presented identity after checking the\\ncertificate chain. So TLS servers are generally not affected and the severity\\nof the issue is Moderate.\\n\\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Issue summary: Applications performing certificate name checks (e.g., TLS\u003cbr\u003eclients checking server certificates) may attempt to read an invalid memory\u003cbr\u003eaddress resulting in abnormal termination of the application process.\u003cbr\u003e\u003cbr\u003eImpact summary: Abnormal termination of an application can a cause a denial of\u003cbr\u003eservice.\u003cbr\u003e\u003cbr\u003eApplications performing certificate name checks (e.g., TLS clients checking\u003cbr\u003eserver certificates) may attempt to read an invalid memory address when\u003cbr\u003ecomparing the expected name with an `otherName` subject alternative name of an\u003cbr\u003eX.509 certificate. This may result in an exception that terminates the\u003cbr\u003eapplication program.\u003cbr\u003e\u003cbr\u003eNote that basic certificate chain validation (signatures, dates, ...) is not\u003cbr\u003eaffected, the denial of service can occur only when the application also\u003cbr\u003especifies an expected DNS name, Email address or IP address.\u003cbr\u003e\u003cbr\u003eTLS servers rarely solicit client certificates, and even when they do, they\u003cbr\u003egenerally don\u0027t perform a name check against a reference identifier (expected\u003cbr\u003eidentity), but rather extract the presented identity after checking the\u003cbr\u003ecertificate chain. So TLS servers are generally not affected and the severity\u003cbr\u003eof the issue is Moderate.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-843\", \"description\": \"CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"shortName\": \"openssl\", \"dateUpdated\": \"2024-09-03T15:58:06.970Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-6119\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-12T16:03:01.704Z\", \"dateReserved\": \"2024-06-18T09:24:11.739Z\", \"assignerOrgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"datePublished\": \"2024-09-03T15:58:06.970Z\", \"assignerShortName\": \"openssl\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
SSA-613116
Vulnerability from csaf_siemens - Published: 2025-08-12 00:00 - Updated: 2026-02-24 00:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RST2428P (6GK6242-6PA00)
Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)
|
6GK6242-6PA00
|
vers:all/* | |
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* | ||
|
SCALANCE XCM-/XRM-/XCH-/XRH-300 family
Siemens / SCALANCE XCM-/XRM-/XCH-/XRH-300 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
Siemens / SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
|
vers:all/* |
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "SINEC OS before V3.1 contains third-party components with multiple vulnerabilities.\n\nSiemens has released new versions for the affected products and recommends to update to the latest versions.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"
},
{
"category": "self",
"summary": "SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-613116.json"
}
],
"title": "SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1",
"tracking": {
"current_release_date": "2026-02-24T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-613116",
"initial_release_date": "2025-08-12T00:00:00Z",
"revision_history": [
{
"date": "2025-08-12T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2026-02-12T00:00:00Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Corrected list of Affected Products and moved entries to Known Not Affected Products"
},
{
"date": "2026-02-24T00:00:00Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Removed Additional Information note as no SinecOS version lower than 3.1 is supported for SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family. Removed rejected CVEs (CVE-2024-3950, CVE-2024-44952)"
}
],
"status": "interim",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "RUGGEDCOM RST2428P (6GK6242-6PA00)",
"product_id": "1",
"product_identification_helper": {
"model_numbers": [
"6GK6242-6PA00"
]
}
}
},
{
"category": "product_version_range",
"name": "vers:intdot/\u003c3.1",
"product": {
"name": "RUGGEDCOM RST2428P (6GK6242-6PA00)",
"product_id": "2",
"product_identification_helper": {
"model_numbers": [
"6GK6242-6PA00"
]
}
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RST2428P (6GK6242-6PA00)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family",
"product_id": "3"
}
}
],
"category": "product_name",
"name": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family",
"product_id": "4"
}
},
{
"category": "product_version_range",
"name": "vers:intdot/\u003c3.1",
"product": {
"name": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family",
"product_id": "5"
}
}
],
"category": "product_name",
"name": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44879",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2021-44879"
},
{
"cve": "CVE-2022-48655",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Harden accesses to the reset domains\n\nAccessing reset domains descriptors by the index upon the SCMI drivers\nrequests through the SCMI reset operations interface can potentially\nlead to out-of-bound violations if the SCMI driver misbehave.\n\nAdd an internal consistency check before any such domains descriptors\naccesses.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2022-48655"
},
{
"cve": "CVE-2022-48772",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: lgdt3306a: Add a check against null-pointer-def\n\nThe driver should check whether the client provides the platform_data.\n\nThe following log reveals it:\n\n[ 29.610324] BUG: KASAN: null-ptr-deref in kmemdup+0x30/0x40\n[ 29.610730] Read of size 40 at addr 0000000000000000 by task bash/414\n[ 29.612820] Call Trace:\n[ 29.613030] \u003cTASK\u003e\n[ 29.613201] dump_stack_lvl+0x56/0x6f\n[ 29.613496] ? kmemdup+0x30/0x40\n[ 29.613754] print_report.cold+0x494/0x6b7\n[ 29.614082] ? kmemdup+0x30/0x40\n[ 29.614340] kasan_report+0x8a/0x190\n[ 29.614628] ? kmemdup+0x30/0x40\n[ 29.614888] kasan_check_range+0x14d/0x1d0\n[ 29.615213] memcpy+0x20/0x60\n[ 29.615454] kmemdup+0x30/0x40\n[ 29.615700] lgdt3306a_probe+0x52/0x310\n[ 29.616339] i2c_device_probe+0x951/0xa90",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2022-48772"
},
{
"cve": "CVE-2022-48935",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: unregister flowtable hooks on netns exit",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2022-48935"
},
{
"cve": "CVE-2023-3567",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-3567"
},
{
"cve": "CVE-2023-5178",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious local privileged user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation problem.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-5178"
},
{
"cve": "CVE-2023-5678",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn\u0027t make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn\u0027t check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-5678"
},
{
"cve": "CVE-2023-5717",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\r\n\r\nIf perf_read_group() is called while an event\u0027s sibling_list is smaller than its child\u0027s sibling_list, it can increment or write to memory locations outside of the allocated buffer.\r\n\r\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-5717"
},
{
"cve": "CVE-2023-6040",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-6040"
},
{
"cve": "CVE-2023-6121",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-6121"
},
{
"cve": "CVE-2023-6606",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-6606"
},
{
"cve": "CVE-2023-6931",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event\u0027s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-6931"
},
{
"cve": "CVE-2023-6932",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-6932"
},
{
"cve": "CVE-2023-35827",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-35827"
},
{
"cve": "CVE-2023-39198",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-39198"
},
{
"cve": "CVE-2023-45863",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-45863"
},
{
"cve": "CVE-2023-46343",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel before 6.5.9, there is a NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-46343"
},
{
"cve": "CVE-2023-51779",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-51779"
},
{
"cve": "CVE-2023-51780",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-51780"
},
{
"cve": "CVE-2023-51781",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-51781"
},
{
"cve": "CVE-2023-51782",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-51782"
},
{
"cve": "CVE-2023-52340",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52340"
},
{
"cve": "CVE-2023-52433",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nft_set_rbtree: skip sync GC for new elements in this transaction",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52433"
},
{
"cve": "CVE-2023-52435",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: prevent mss overflow in skb_segment()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52435"
},
{
"cve": "CVE-2023-52475",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nInput: powermate - fix use-after-free in powermate_config_complete",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52475"
},
{
"cve": "CVE-2023-52477",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: hub: Guard against accesses to uninitialized BOS descriptors",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52477"
},
{
"cve": "CVE-2023-52478",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nHID: logitech-hidpp: Fix kernel crash on receiver USB disconnect",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52478"
},
{
"cve": "CVE-2023-52486",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm: Don\u0027t unref the same fb many times by mistake due to deadlock handling",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52486"
},
{
"cve": "CVE-2023-52502",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52502"
},
{
"cve": "CVE-2023-52504",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nx86/alternatives: Disable KASAN in apply_alternatives()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52504"
},
{
"cve": "CVE-2023-52507",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfc: nci: assert requested protocol is valid",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52507"
},
{
"cve": "CVE-2023-52509",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nravb: Fix use-after-free issue in ravb_tx_timeout_work()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52509"
},
{
"cve": "CVE-2023-52510",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nieee802154: ca8210: Fix a potential UAF in ca8210_probe",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52510"
},
{
"cve": "CVE-2023-52581",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: fix memleak when more than 255 elements expired",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52581"
},
{
"cve": "CVE-2023-52583",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nceph: fix deadlock or deadcode of misusing dget()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52583"
},
{
"cve": "CVE-2023-52587",
"cwe": {
"id": "CWE-413",
"name": "Improper Resource Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nIB/ipoib: Fix mcast list locking",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52587"
},
{
"cve": "CVE-2023-52594",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52594"
},
{
"cve": "CVE-2023-52595",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: rt2x00: restart beacon queue when hardware reset",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52595"
},
{
"cve": "CVE-2023-52597",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nKVM: s390: fix setting of fpc register",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52597"
},
{
"cve": "CVE-2023-52598",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ns390/ptrace: handle setting of fpc register correctly",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52598"
},
{
"cve": "CVE-2023-52599",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix array-index-out-of-bounds in diNewExt",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52599"
},
{
"cve": "CVE-2023-52600",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix uaf in jfs_evict_inode",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52600"
},
{
"cve": "CVE-2023-52601",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix array-index-out-of-bounds in dbAdjTree",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52601"
},
{
"cve": "CVE-2023-52602",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix slab-out-of-bounds Read in dtSearch",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52602"
},
{
"cve": "CVE-2023-52603",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nUBSAN: array-index-out-of-bounds in dtSplitRoot",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52603"
},
{
"cve": "CVE-2023-52604",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nFS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52604"
},
{
"cve": "CVE-2023-52606",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\npowerpc/lib: Validate size for vector operations",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52606"
},
{
"cve": "CVE-2023-52607",
"cwe": {
"id": "CWE-395",
"name": "Use of NullPointerException Catch to Detect NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\npowerpc/mm: Fix null-pointer dereference in pgtable_cache_add",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52607"
},
{
"cve": "CVE-2023-52615",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nhwrng: core - Fix page fault dead lock on mmap-ed hwrng",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52615"
},
{
"cve": "CVE-2023-52617",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nPCI: switchtec: Fix stdev_release() crash after surprise hot remove",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52617"
},
{
"cve": "CVE-2023-52619",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\npstore/ram: Fix crash when setting number of cpus to an odd number",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52619"
},
{
"cve": "CVE-2023-52622",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52622"
},
{
"cve": "CVE-2023-52623",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nSUNRPC: Fix a suspicious RCU usage warning",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52623"
},
{
"cve": "CVE-2023-52637",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ncan: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER)",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52637"
},
{
"cve": "CVE-2023-52654",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nio_uring/af_unix: disable sending io_uring over sockets",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52654"
},
{
"cve": "CVE-2023-52655",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: aqc111: check packet for fixup for true limit",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52655"
},
{
"cve": "CVE-2023-52670",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nrpmsg: virtio: Free driver_override when rpmsg_remove()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52670"
},
{
"cve": "CVE-2023-52753",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amd/display: Avoid NULL dereference of timing generator",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52753"
},
{
"cve": "CVE-2023-52764",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmedia: gspca: cpia1: shift-out-of-bounds in set_flicker",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52764"
},
{
"cve": "CVE-2023-52774",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ns390/dasd: protect device queue against concurrent access",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52774"
},
{
"cve": "CVE-2023-52784",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbonding: stop the device in bond_setup_by_slave()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52784"
},
{
"cve": "CVE-2023-52789",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntty: vcc: Add check for kstrdup() in vcc_probe()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52789"
},
{
"cve": "CVE-2023-52791",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ni2c: core: Run atomic i2c xfer when !preemptible",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52791"
},
{
"cve": "CVE-2023-52796",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nipvlan: add ipvlan_route_v6_outbound() helper",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52796"
},
{
"cve": "CVE-2023-52799",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix array-index-out-of-bounds in dbFindLeaf",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52799"
},
{
"cve": "CVE-2023-52804",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs/jfs: Add validity check for db_maxag and db_agpref",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52804"
},
{
"cve": "CVE-2023-52805",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix array-index-out-of-bounds in diAlloc",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52805"
},
{
"cve": "CVE-2023-52806",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nALSA: hda: Fix possible null-ptr-deref when assigning a stream",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52806"
},
{
"cve": "CVE-2023-52809",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nscsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52809"
},
{
"cve": "CVE-2023-52810",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs/jfs: Add check for negative db_l2nbperpage",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52810"
},
{
"cve": "CVE-2023-52813",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ncrypto: pcrypt - Fix hungtask for PADATA_RESET",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52813"
},
{
"cve": "CVE-2023-52817",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52817"
},
{
"cve": "CVE-2023-52818",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amd: Fix UBSAN array-index-out-of-bounds for SMU7",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52818"
},
{
"cve": "CVE-2023-52819",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52819"
},
{
"cve": "CVE-2023-52832",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: mac80211: don\u0027t return unset power in ieee80211_get_tx_power()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52832"
},
{
"cve": "CVE-2023-52835",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nperf/core: Bail out early if the request AUX area is out of bound",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52835"
},
{
"cve": "CVE-2023-52836",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nlocking/ww_mutex/test: Fix potential workqueue corruption",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52836"
},
{
"cve": "CVE-2023-52838",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfbdev: imsttfb: fix a resource leak in probe",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52838"
},
{
"cve": "CVE-2023-52840",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nInput: synaptics-rmi4 - fix use after free in rmi_unregister_function()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52840"
},
{
"cve": "CVE-2023-52843",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nllc: verify mac len before reading mac header",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52843"
},
{
"cve": "CVE-2023-52845",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntipc: Change nla_policy for bearer-related names to NLA_NUL_STRING",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52845"
},
{
"cve": "CVE-2023-52847",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmedia: bttv: fix use after free error due to btv-\u003etimeout timer",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52847"
},
{
"cve": "CVE-2023-52853",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nhid: cp2112: Fix duplicate workqueue initialization",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52853"
},
{
"cve": "CVE-2023-52855",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: dwc2: fix possible NULL pointer dereference caused by driver concurrency",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52855"
},
{
"cve": "CVE-2023-52858",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52858"
},
{
"cve": "CVE-2023-52864",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nplatform/x86: wmi: Fix opening of char device",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52864"
},
{
"cve": "CVE-2023-52865",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52865"
},
{
"cve": "CVE-2023-52867",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/radeon: possible buffer overflow",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52867"
},
{
"cve": "CVE-2023-52868",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nthermal: core: prevent potential string overflow",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52868"
},
{
"cve": "CVE-2023-52871",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nsoc: qcom: llcc: Handle a second device without data corruption",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52871"
},
{
"cve": "CVE-2023-52873",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52873"
},
{
"cve": "CVE-2023-52875",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52875"
},
{
"cve": "CVE-2023-52876",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52876"
},
{
"cve": "CVE-2023-52879",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntracing: Have trace_event_file have ref counters",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52879"
},
{
"cve": "CVE-2023-52881",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntcp: do not accept ACK of bytes we never sent",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52881"
},
{
"cve": "CVE-2023-52882",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change\n\nWhile PLL CPUX clock rate change when CPU is running from it works in\nvast majority of cases, now and then it causes instability. This leads\nto system crashes and other undefined behaviour. After a lot of testing\n(30+ hours) while also doing a lot of frequency switches, we can\u0027t\nobserve any instability issues anymore when doing reparenting to stable\nclock like 24 MHz oscillator.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2023-52882"
},
{
"cve": "CVE-2023-52887",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: can: j1939: vulnerability related to error handling for closely received RTS messages in xtp_rx_rts_session_new, which is addressed by replacing less informative backtraces with a new method that provides clearer error messages and allows for early termination of problematic sessions.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2023-52887"
},
{
"cve": "CVE-2023-52918",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: pci: cx23885: check cx23885_vdev_init() return\n\ncx23885_vdev_init() can return a NULL pointer, but that pointer\nis used in the next line without a check.\n\nAdd a NULL pointer check and go to the error unwind if it is NULL.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2023-52918"
},
{
"cve": "CVE-2023-52919",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfc: nci: fix possible NULL pointer dereference in send_acknowledge()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2023-52919"
},
{
"cve": "CVE-2024-0193",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-0193"
},
{
"cve": "CVE-2024-0584",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-0584"
},
{
"cve": "CVE-2024-0646",
"cwe": {
"id": "CWE-1314",
"name": "Missing Write Protection for Parametric Data Values"
},
"notes": [
{
"category": "summary",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u2019s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-0646"
},
{
"cve": "CVE-2024-0841",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-0841"
},
{
"cve": "CVE-2024-1086",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\r\n\r\nThe nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-1086"
},
{
"cve": "CVE-2024-2511",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions. An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-2511"
},
{
"cve": "CVE-2024-4603",
"cwe": {
"id": "CWE-834",
"name": "Excessive Iteration"
},
"notes": [
{
"category": "summary",
"text": "Checking excessively long DSA keys or parameters may be very slow. Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform various checks on DSA parameters. Some of those computations take a long time if the modulus (`p` parameter) is too large. Trying to use a very large modulus is slow and OpenSSL will not allow using public keys with a modulus which is over 10,000 bits in length for signature verification. However the key and parameter check functions do not limit the modulus size when performing the checks. An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. These functions are not called by OpenSSL itself on untrusted DSA keys so only applications that directly call these functions may be vulnerable. Also vulnerable are the OpenSSL pkey and pkeyparam command line applications when using the `-check` option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-4603"
},
{
"cve": "CVE-2024-4741",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "Calling the OpenSSL API function SSL_free_buffers may cause memory to be accessed that was previously freed in some situations",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-4741"
},
{
"cve": "CVE-2024-5535",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a \"no overlap\" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-6119",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of service. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address when comparing the expected name with an `otherName` subject alternative name of an X.509 certificate. This may result in an exception that terminates the application program. Note that basic certificate chain validation (signatures, dates, ...) is not affected, the denial of service can occur only when the application also specifies an expected DNS name, Email address or IP address. TLS servers rarely solicit client certificates, and even when they do, they generally don\u0027t perform a name check against a reference identifier (expected identity), but rather extract the presented identity after checking the certificate chain. So TLS servers are generally not affected and the severity of the issue is Moderate. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-6232",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "summary",
"text": "There is a MEDIUM severity vulnerability affecting CPython.\n\n\n\n\n\nRegular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-6232"
},
{
"cve": "CVE-2024-25741",
"cwe": {
"id": "CWE-703",
"name": "Improper Check or Handling of Exceptional Conditions"
},
"notes": [
{
"category": "summary",
"text": "printer_write in drivers/usb/gadget/function/f_printer.c in the Linux kernel through 6.7.4 does not properly call usb_ep_queue, which might allow attackers to cause a denial of service or have unspecified other impact.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-25741"
},
{
"cve": "CVE-2024-26581",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nft_set_rbtree: skip end interval element from gc",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26581"
},
{
"cve": "CVE-2024-26593",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ni2c: i801: Fix block process call transactions",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26593"
},
{
"cve": "CVE-2024-26598",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nKVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26598"
},
{
"cve": "CVE-2024-26600",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nphy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26600"
},
{
"cve": "CVE-2024-26602",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nsched/membarrier: reduce the ability to hammer on sys_membarrier",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26602"
},
{
"cve": "CVE-2024-26606",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbinder: signal epoll threads of self-work",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26606"
},
{
"cve": "CVE-2024-26615",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet/smc: fix illegal rmb_desc access in SMC-D connection dump",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26615"
},
{
"cve": "CVE-2024-26625",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nllc: call sock_orphan() at release time",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26625"
},
{
"cve": "CVE-2024-26635",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nllc: Drop support for ETH_P_TR_802_2.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26635"
},
{
"cve": "CVE-2024-26636",
"cwe": {
"id": "CWE-413",
"name": "Improper Resource Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nllc: make llc_ui_sendmsg() more robust against bonding changes",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26636"
},
{
"cve": "CVE-2024-26645",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26645"
},
{
"cve": "CVE-2024-26663",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntipc: Check the bearer type before calling tipc_udp_nl_bearer_add()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26663"
},
{
"cve": "CVE-2024-26664",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nhwmon: (coretemp) Fix out-of-bounds memory access",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26664"
},
{
"cve": "CVE-2024-26671",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26671"
},
{
"cve": "CVE-2024-26673",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26673"
},
{
"cve": "CVE-2024-26675",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nppp_async: limit MRU to 64K",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26675"
},
{
"cve": "CVE-2024-26679",
"cwe": {
"id": "CWE-413",
"name": "Improper Resource Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ninet: read sk-\u003esk_family once in inet_recv_error()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26679"
},
{
"cve": "CVE-2024-26684",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: stmmac: xgmac: fix handling of DPP safety error for DMA channels",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26684"
},
{
"cve": "CVE-2024-26685",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnilfs2: fix potential bug in end_buffer_async_write",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26685"
},
{
"cve": "CVE-2024-26688",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26688"
},
{
"cve": "CVE-2024-26696",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnilfs2: fix hang in nilfs_lookup_dirty_data_buffers()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26696"
},
{
"cve": "CVE-2024-26697",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnilfs2: fix data corruption in dsync block recovery for small block sizes",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26697"
},
{
"cve": "CVE-2024-26702",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\niio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26702"
},
{
"cve": "CVE-2024-26704",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\next4: fix double-free of blocks due to wrong extents moved_len",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26704"
},
{
"cve": "CVE-2024-26720",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26720"
},
{
"cve": "CVE-2024-26722",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nASoC: rt5645: Fix deadlock in rt5645_jack_detect_work()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26722"
},
{
"cve": "CVE-2024-26735",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nipv6: sr: fix possible use-after-free and null-ptr-deref",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26735"
},
{
"cve": "CVE-2024-26736",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nafs: Increase buffer size in afs_update_volume_status()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26736"
},
{
"cve": "CVE-2024-26748",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: cdns3: fix memory double free when handle zero packet",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26748"
},
{
"cve": "CVE-2024-26749",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26749"
},
{
"cve": "CVE-2024-26751",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nARM: ep93xx: Add terminator to gpiod_lookup_table",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26751"
},
{
"cve": "CVE-2024-26752",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nl2tp: pass correct message length to ip6_append_data",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26752"
},
{
"cve": "CVE-2024-26754",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ngtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26754"
},
{
"cve": "CVE-2024-26763",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndm-crypt: don\u0027t modify the data when using authenticated encryption",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26763"
},
{
"cve": "CVE-2024-26764",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26764"
},
{
"cve": "CVE-2024-26766",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nIB/hfi1: Fix sdma.h tx-\u003enum_descs off-by-one error",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26766"
},
{
"cve": "CVE-2024-26772",
"cwe": {
"id": "CWE-413",
"name": "Improper Resource Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\r\n\r\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\r\nthe protection of the group lock to avoid allocating blocks from the group\r\nwith a corrupted block bitmap.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26772"
},
{
"cve": "CVE-2024-26773",
"cwe": {
"id": "CWE-413",
"name": "Improper Resource Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found().",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26773"
},
{
"cve": "CVE-2024-26777",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfbdev: sis: Error out if pixclock equals zero",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26777"
},
{
"cve": "CVE-2024-26778",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfbdev: savage: Error out if pixclock equals zero",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26778"
},
{
"cve": "CVE-2024-26779",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: mac80211: fix race condition on enabling fast-xmit",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26779"
},
{
"cve": "CVE-2024-26788",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndmaengine: fsl-qdma: init irq after reg initialization",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26788"
},
{
"cve": "CVE-2024-26790",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26790"
},
{
"cve": "CVE-2024-26791",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbtrfs: dev-replace: properly validate device names",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26791"
},
{
"cve": "CVE-2024-26793",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ngtp: fix use-after-free and null-ptr-deref in gtp_newlink()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26793"
},
{
"cve": "CVE-2024-26801",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nBluetooth: Avoid potential use-after-free in hci_error_reset",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26801"
},
{
"cve": "CVE-2024-26804",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: ip_tunnel: prevent perpetual headroom growth",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26804"
},
{
"cve": "CVE-2024-26805",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in skb_datagram_iter.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26805"
},
{
"cve": "CVE-2024-26825",
"cwe": {
"id": "CWE-402",
"name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfc: nci: free rx_data_reassembly skb on NCI device cleanup",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26825"
},
{
"cve": "CVE-2024-26835",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: set dormant flag on hook register failure",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26835"
},
{
"cve": "CVE-2024-26839",
"cwe": {
"id": "CWE-402",
"name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nIB/hfi1: Fix a memleak in init_credit_return",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26839"
},
{
"cve": "CVE-2024-26840",
"cwe": {
"id": "CWE-402",
"name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ncachefiles: fix memory leak in cachefiles_add_cache()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26840"
},
{
"cve": "CVE-2024-26845",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nscsi: target: core: Add TMF to tmr_list handling",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26845"
},
{
"cve": "CVE-2024-26900",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix kmemleak of rdev-\u003eserial\n\nIf kobject_add() is fail in bind_rdev_to_array(), \u0027rdev-\u003eserial\u0027 will be\nalloc not be freed, and kmemleak occurs.\n\nunreferenced object 0xffff88815a350000 (size 49152):\n comm \"mdadm\", pid 789, jiffies 4294716910\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc f773277a):\n [\u003c0000000058b0a453\u003e] kmemleak_alloc+0x61/0xe0\n [\u003c00000000366adf14\u003e] __kmalloc_large_node+0x15e/0x270\n [\u003c000000002e82961b\u003e] __kmalloc_node.cold+0x11/0x7f\n [\u003c00000000f206d60a\u003e] kvmalloc_node+0x74/0x150\n [\u003c0000000034bf3363\u003e] rdev_init_serial+0x67/0x170\n [\u003c0000000010e08fe9\u003e] mddev_create_serial_pool+0x62/0x220\n [\u003c00000000c3837bf0\u003e] bind_rdev_to_array+0x2af/0x630\n [\u003c0000000073c28560\u003e] md_add_new_disk+0x400/0x9f0\n [\u003c00000000770e30ff\u003e] md_ioctl+0x15bf/0x1c10\n [\u003c000000006cfab718\u003e] blkdev_ioctl+0x191/0x3f0\n [\u003c0000000085086a11\u003e] vfs_ioctl+0x22/0x60\n [\u003c0000000018b656fe\u003e] __x64_sys_ioctl+0xba/0xe0\n [\u003c00000000e54e675e\u003e] do_syscall_64+0x71/0x150\n [\u003c000000008b0ad622\u003e] entry_SYSCALL_64_after_hwframe+0x6c/0x74",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-26900"
},
{
"cve": "CVE-2024-26910",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: ipset: fix performance regression in swap operation",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-26910"
},
{
"cve": "CVE-2024-26923",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-26923"
},
{
"cve": "CVE-2024-26924",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: do not free live element\n\nPablo reports a crash with large batches of elements with a\nback-to-back add/remove pattern. Quoting Pablo:\n\n add_elem(\"00000000\") timeout 100 ms\n ...\n add_elem(\"0000000X\") timeout 100 ms\n del_elem(\"0000000X\") \u003c---------------- delete one that was just added\n ...\n add_elem(\"00005000\") timeout 100 ms\n\n 1) nft_pipapo_remove() removes element 0000000X\n Then, KASAN shows a splat.\n\nLooking at the remove function there is a chance that we will drop a\nrule that maps to a non-deactivated element.\n\nRemoval happens in two steps, first we do a lookup for key k and return the\nto-be-removed element and mark it as inactive in the next generation.\nThen, in a second step, the element gets removed from the set/map.\n\nThe _remove function does not work correctly if we have more than one\nelement that share the same key.\n\nThis can happen if we insert an element into a set when the set already\nholds an element with same key, but the element mapping to the existing\nkey has timed out or is not active in the next generation.\n\nIn such case its possible that removal will unmap the wrong element.\nIf this happens, we will leak the non-deactivated element, it becomes\nunreachable.\n\nThe element that got deactivated (and will be freed later) will\nremain reachable in the set data structure, this can result in\na crash when such an element is retrieved during lookup (stale\npointer).\n\nAdd a check that the fully matching key does in fact map to the element\nthat we have marked as inactive in the deactivation step.\nIf not, we need to continue searching.\n\nAdd a bug/warn trap at the end of the function as well, the remove\nfunction must not ever be called with an invisible/unreachable/non-existent\nelement.\n\nv2: avoid uneeded temporary variable (Stefano)",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-26924"
},
{
"cve": "CVE-2024-26926",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinder: check offset alignment in binder_get_object()\n\nCommit 6d98eb95b450 (\"binder: avoid potential data leakage when copying\ntxn\") introduced changes to how binder objects are copied. In doing so,\nit unintentionally removed an offset alignment check done through calls\nto binder_alloc_copy_from_buffer() -\u003e check_buffer().\n\nThese calls were replaced in binder_get_object() with copy_from_user(),\nso now an explicit offset alignment check is needed here. This avoids\nlater complications when unwinding the objects gets harder.\n\nIt is worth noting this check existed prior to commit 7a67a39320df\n(\"binder: add function to copy binder object from buffer\"), likely\nremoved due to redundancy at the time.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-26926"
},
{
"cve": "CVE-2024-26988",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ninit/main.c: Fix potential static_command_line memory overflow",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-26988"
},
{
"cve": "CVE-2024-26993",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs: sysfs: Fix reference leak in sysfs_break_active_protection()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-26993"
},
{
"cve": "CVE-2024-26994",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspeakup: Avoid crash on very long word\n\nIn case a console is set up really large and contains a really long word\n(\u003e 256 characters), we have to stop before the length of the word buffer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-26994"
},
{
"cve": "CVE-2024-26997",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: host: Fix dereference issue in DDMA completion flow.\n\nFixed variable dereference issue in DDMA completion flow.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-26997"
},
{
"cve": "CVE-2024-26999",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial/pmac_zilog: Remove flawed mitigation for rx irq flood\n\nThe mitigation was intended to stop the irq completely. That may be\nbetter than a hard lock-up but it turns out that you get a crash anyway\nif you\u0027re using pmac_zilog as a serial console:\n\nttyPZ0: pmz: rx irq flood !\nBUG: spinlock recursion on CPU#0, swapper/0\n\nThat\u0027s because the pr_err() call in pmz_receive_chars() results in\npmz_console_write() attempting to lock a spinlock already locked in\npmz_interrupt(). With CONFIG_DEBUG_SPINLOCK=y, this produces a fatal\nBUG splat. The spinlock in question is the one in struct uart_port.\n\nEven when it\u0027s not fatal, the serial port rx function ceases to work.\nAlso, the iteration limit doesn\u0027t play nicely with QEMU, as can be\nseen in the bug report linked below.\n\nA web search for other reports of the error message \"pmz: rx irq flood\"\ndidn\u0027t produce anything. So I don\u0027t think this code is needed any more.\nRemove it.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-26999"
},
{
"cve": "CVE-2024-27000",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: mxs-auart: add spinlock around changing cts state\n\nThe uart_handle_cts_change() function in serial_core expects the caller\nto hold uport-\u003elock. For example, I have seen the below kernel splat,\nwhen the Bluetooth driver is loaded on an i.MX28 board.\n\n [ 85.119255] ------------[ cut here ]------------\n [ 85.124413] WARNING: CPU: 0 PID: 27 at /drivers/tty/serial/serial_core.c:3453 uart_handle_cts_change+0xb4/0xec\n [ 85.134694] Modules linked in: hci_uart bluetooth ecdh_generic ecc wlcore_sdio configfs\n [ 85.143314] CPU: 0 PID: 27 Comm: kworker/u3:0 Not tainted 6.6.3-00021-gd62a2f068f92 #1\n [ 85.151396] Hardware name: Freescale MXS (Device Tree)\n [ 85.156679] Workqueue: hci0 hci_power_on [bluetooth]\n (...)\n [ 85.191765] uart_handle_cts_change from mxs_auart_irq_handle+0x380/0x3f4\n [ 85.198787] mxs_auart_irq_handle from __handle_irq_event_percpu+0x88/0x210\n (...)",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-27000"
},
{
"cve": "CVE-2024-27001",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: vmk80xx: fix incomplete endpoint checking\n\nWhile vmk80xx does have endpoint checking implemented, some things\ncan fall through the cracks. Depending on the hardware model,\nURBs can have either bulk or interrupt type, and current version\nof vmk80xx_find_usb_endpoints() function does not take that fully\ninto account. While this warning does not seem to be too harmful,\nat the very least it will crash systems with \u0027panic_on_warn\u0027 set on\nthem.\n\nFix the issue found by Syzkaller [1] by somewhat simplifying the\nendpoint checking process with usb_find_common_endpoints() and\nensuring that only expected endpoint types are present.\n\nThis patch has not been tested on real hardware.\n\n[1] Syzkaller report:\nusb 1-1: BOGUS urb xfer, pipe 1 != type 3\nWARNING: CPU: 0 PID: 781 at drivers/usb/core/urb.c:504 usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n usb_start_wait_urb+0x113/0x520 drivers/usb/core/message.c:59\n vmk80xx_reset_device drivers/comedi/drivers/vmk80xx.c:227 [inline]\n vmk80xx_auto_attach+0xa1c/0x1a40 drivers/comedi/drivers/vmk80xx.c:818\n comedi_auto_config+0x238/0x380 drivers/comedi/drivers.c:1067\n usb_probe_interface+0x5cd/0xb00 drivers/usb/core/driver.c:399\n...\n\nSimilar issue also found by Syzkaller:",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-27001"
},
{
"cve": "CVE-2024-27004",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: Get runtime PM before walking tree during disable_unused",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-27004"
},
{
"cve": "CVE-2024-27013",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntun: limit printing rate when illegal packet received by tun dev\r\n\r\nvhost_worker will call tun call backs to receive packets. If too many\r\nillegal packets arrives, tun_do_read will keep dumping packet contents.\r\nWhen console is enabled, it will costs much more cpu time to dump\r\npacket and soft lockup will be detected.\r\n\r\nnet_ratelimit mechanism can be used to limit the dumping rate.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-27013"
},
{
"cve": "CVE-2024-27019",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()\n\nnft_unregister_obj() can concurrent with __nft_obj_type_get(),\nand there is not any protection when iterate over nf_tables_objects\nlist in __nft_obj_type_get(). Therefore, there is potential data-race\nof nf_tables_objects list entry.\n\nUse list_for_each_entry_rcu() to iterate over nf_tables_objects\nlist in __nft_obj_type_get(), and use rcu_read_lock() in the caller\nnft_obj_type_get() to protect the entire type query process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-27019"
},
{
"cve": "CVE-2024-27020",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in nft_expr_type_get().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-27020"
},
{
"cve": "CVE-2024-27395",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Fix Use-After-Free in ovs_ct_exit\n\nSince kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof ovs_ct_limit_exit, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-27395"
},
{
"cve": "CVE-2024-27396",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gtp: Fix Use-After-Free in gtp_dellink\n\nSince call_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof gtp_dellink, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-27396"
},
{
"cve": "CVE-2024-27405",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-27405"
},
{
"cve": "CVE-2024-27410",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: nl80211: reject iftype change with mesh ID change",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-27410"
},
{
"cve": "CVE-2024-27412",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\npower: supply: bq27xxx-i2c: Do not free non existing IRQ",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-27412"
},
{
"cve": "CVE-2024-27413",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nefi/capsule-loader: fix incorrect allocation size",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-27413"
},
{
"cve": "CVE-2024-27414",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nrtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-27414"
},
{
"cve": "CVE-2024-27416",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nBluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-27416"
},
{
"cve": "CVE-2024-27417",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nipv6: fix potential \"struct net\" leak in inet6_rtm_getaddr()",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-27417"
},
{
"cve": "CVE-2024-31076",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngenirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline\n\nThe absence of IRQD_MOVE_PCNTXT prevents immediate effectiveness of\ninterrupt affinity reconfiguration via procfs. Instead, the change is\ndeferred until the next instance of the interrupt being triggered on the\noriginal CPU.\n\nWhen the interrupt next triggers on the original CPU, the new affinity is\nenforced within __irq_move_irq(). A vector is allocated from the new CPU,\nbut the old vector on the original CPU remains and is not immediately\nreclaimed. Instead, apicd-\u003emove_in_progress is flagged, and the reclaiming\nprocess is delayed until the next trigger of the interrupt on the new CPU.\n\nUpon the subsequent triggering of the interrupt on the new CPU,\nirq_complete_move() adds a task to the old CPU\u0027s vector_cleanup list if it\nremains online. Subsequently, the timer on the old CPU iterates over its\nvector_cleanup list, reclaiming old vectors.\n\nHowever, a rare scenario arises if the old CPU is outgoing before the\ninterrupt triggers again on the new CPU.\n\nIn that case irq_force_complete_move() is not invoked on the outgoing CPU\nto reclaim the old apicd-\u003eprev_vector because the interrupt isn\u0027t currently\naffine to the outgoing CPU, and irq_needs_fixup() returns false. Even\nthough __vector_schedule_cleanup() is later called on the new CPU, it\ndoesn\u0027t reclaim apicd-\u003eprev_vector; instead, it simply resets both\napicd-\u003emove_in_progress and apicd-\u003eprev_vector to 0.\n\nAs a result, the vector remains unreclaimed in vector_matrix, leading to a\nCPU vector leak.\n\nTo address this issue, move the invocation of irq_force_complete_move()\nbefore the irq_needs_fixup() call to reclaim apicd-\u003eprev_vector, if the\ninterrupt is currently or used to be affine to the outgoing CPU.\n\nAdditionally, reclaim the vector in __vector_schedule_cleanup() as well,\nfollowing a warning message, although theoretically it should never see\napicd-\u003emove_in_progress with apicd-\u003eprev_cpu pointing to an offline CPU.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-31076"
},
{
"cve": "CVE-2024-33621",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb-\u003esk in ipvlan_process_v4 / 6_outbound.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-33621"
},
{
"cve": "CVE-2024-34397",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-34397"
},
{
"cve": "CVE-2024-35247",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfpga: region: add owner module and take its refcount\n\nThe current implementation of the fpga region assumes that the low-level\nmodule registers a driver for the parent device and uses its owner pointer\nto take the module\u0027s refcount. This approach is problematic since it can\nlead to a null pointer dereference while attempting to get the region\nduring programming if the parent device does not have a driver.\n\nTo address this problem, add a module owner pointer to the fpga_region\nstruct and use it to take the module\u0027s refcount. Modify the functions for\nregistering a region to take an additional owner module parameter and\nrename them to avoid conflicts. Use the old function names for helper\nmacros that automatically set the module that registers the region as the\nowner. This ensures compatibility with existing low-level control modules\nand reduces the chances of registering a region without setting the owner.\n\nAlso, update the documentation to keep it consistent with the new interface\nfor registering an fpga region.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35247"
},
{
"cve": "CVE-2024-35833",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-35833"
},
{
"cve": "CVE-2024-35835",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet/mlx5e: fix a double-free in arfs_create_groups",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-35835"
},
{
"cve": "CVE-2024-35847",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v3-its: Prevent double free on error\n\nThe error handling path in its_vpe_irq_domain_alloc() causes a double free\nwhen its_vpe_init() fails after successfully allocating at least one\ninterrupt. This happens because its_vpe_irq_domain_free() frees the\ninterrupts along with the area bitmap and the vprop_page and\nits_vpe_irq_domain_alloc() subsequently frees the area bitmap and the\nvprop_page again.\n\nFix this by unconditionally invoking its_vpe_irq_domain_free() which\nhandles all cases correctly and by removing the bitmap/vprop_page freeing\nfrom its_vpe_irq_domain_alloc().\n\n[ tglx: Massaged change log ]",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35847"
},
{
"cve": "CVE-2024-35848",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neeprom: at24: fix memory corruption race condition\n\nIf the eeprom is not accessible, an nvmem device will be registered, the\nread will fail, and the device will be torn down. If another driver\naccesses the nvmem device after the teardown, it will reference\ninvalid memory.\n\nMove the failure point before registering the nvmem device.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35848"
},
{
"cve": "CVE-2024-35852",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work\n\nThe rehash delayed work is rescheduled with a delay if the number of\ncredits at end of the work is not negative as supposedly it means that\nthe migration ended. Otherwise, it is rescheduled immediately.\n\nAfter \"mlxsw: spectrum_acl_tcam: Fix possible use-after-free during\nrehash\" the above is no longer accurate as a non-negative number of\ncredits is no longer indicative of the migration being done. It can also\nhappen if the work encountered an error in which case the migration will\nresume the next time the work is scheduled.\n\nThe significance of the above is that it is possible for the work to be\npending and associated with hints that were allocated when the migration\nstarted. This leads to the hints being leaked [1] when the work is\ncanceled while pending as part of ACL region dismantle.\n\nFix by freeing the hints if hints are associated with a work that was\ncanceled while pending.\n\nBlame the original commit since the reliance on not having a pending\nwork associated with hints is fragile.\n\n[1]\nunreferenced object 0xffff88810e7c3000 (size 256):\n comm \"kworker/0:16\", pid 176, jiffies 4295460353\n hex dump (first 32 bytes):\n 00 30 95 11 81 88 ff ff 61 00 00 00 00 00 00 80 .0......a.......\n 00 00 61 00 40 00 00 00 00 00 00 00 04 00 00 00 ..a.@...........\n backtrace (crc 2544ddb9):\n [\u003c00000000cf8cfab3\u003e] kmalloc_trace+0x23f/0x2a0\n [\u003c000000004d9a1ad9\u003e] objagg_hints_get+0x42/0x390\n [\u003c000000000b143cf3\u003e] mlxsw_sp_acl_erp_rehash_hints_get+0xca/0x400\n [\u003c0000000059bdb60a\u003e] mlxsw_sp_acl_tcam_vregion_rehash_work+0x868/0x1160\n [\u003c00000000e81fd734\u003e] process_one_work+0x59c/0xf20\n [\u003c00000000ceee9e81\u003e] worker_thread+0x799/0x12c0\n [\u003c00000000bda6fe39\u003e] kthread+0x246/0x300\n [\u003c0000000070056d23\u003e] ret_from_fork+0x34/0x70\n [\u003c00000000dea2b93e\u003e] ret_from_fork_asm+0x1a/0x30",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35852"
},
{
"cve": "CVE-2024-35853",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix memory leak during rehash\n\nThe rehash delayed work migrates filters from one region to another.\nThis is done by iterating over all chunks (all the filters with the same\npriority) in the region and in each chunk iterating over all the\nfilters.\n\nIf the migration fails, the code tries to migrate the filters back to\nthe old region. However, the rollback itself can also fail in which case\nanother migration will be erroneously performed. Besides the fact that\nthis ping pong is not a very good idea, it also creates a problem.\n\nEach virtual chunk references two chunks: The currently used one\n(\u0027vchunk-\u003echunk\u0027) and a backup (\u0027vchunk-\u003echunk2\u0027). During migration the\nfirst holds the chunk we want to migrate filters to and the second holds\nthe chunk we are migrating filters from.\n\nThe code currently assumes - but does not verify - that the backup chunk\ndoes not exist (NULL) if the currently used chunk does not reference the\ntarget region. This assumption breaks when we are trying to rollback a\nrollback, resulting in the backup chunk being overwritten and leaked\n[1].\n\nFix by not rolling back a failed rollback and add a warning to avoid\nfuture cases.\n\n[1]\nWARNING: CPU: 5 PID: 1063 at lib/parman.c:291 parman_destroy+0x17/0x20\nModules linked in:\nCPU: 5 PID: 1063 Comm: kworker/5:11 Tainted: G W 6.9.0-rc2-custom-00784-gc6a05c468a0b #14\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work\nRIP: 0010:parman_destroy+0x17/0x20\n[...]\nCall Trace:\n \u003cTASK\u003e\n mlxsw_sp_acl_atcam_region_fini+0x19/0x60\n mlxsw_sp_acl_tcam_region_destroy+0x49/0xf0\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x1f1/0x470\n process_one_work+0x151/0x370\n worker_thread+0x2cb/0x3e0\n kthread+0xd0/0x100\n ret_from_fork+0x34/0x50\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35853"
},
{
"cve": "CVE-2024-35854",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash\n\nThe rehash delayed work migrates filters from one region to another\naccording to the number of available credits.\n\nThe migrated from region is destroyed at the end of the work if the\nnumber of credits is non-negative as the assumption is that this is\nindicative of migration being complete. This assumption is incorrect as\na non-negative number of credits can also be the result of a failed\nmigration.\n\nThe destruction of a region that still has filters referencing it can\nresult in a use-after-free [1].\n\nFix by not destroying the region if migration failed.\n\n[1]\nBUG: KASAN: slab-use-after-free in mlxsw_sp_acl_ctcam_region_entry_remove+0x21d/0x230\nRead of size 8 at addr ffff8881735319e8 by task kworker/0:31/3858\n\nCPU: 0 PID: 3858 Comm: kworker/0:31 Tainted: G W 6.9.0-rc2-custom-00782-gf2275c2157d8 #5\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc6/0x120\n print_report+0xce/0x670\n kasan_report+0xd7/0x110\n mlxsw_sp_acl_ctcam_region_entry_remove+0x21d/0x230\n mlxsw_sp_acl_ctcam_entry_del+0x2e/0x70\n mlxsw_sp_acl_atcam_entry_del+0x81/0x210\n mlxsw_sp_acl_tcam_vchunk_migrate_all+0x3cd/0xb50\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x157/0x1300\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 174:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x8f/0xa0\n __kmalloc+0x19c/0x360\n mlxsw_sp_acl_tcam_region_create+0xdf/0x9c0\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x954/0x1300\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30\n\nFreed by task 7:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n poison_slab_object+0x102/0x170\n __kasan_slab_free+0x14/0x30\n kfree+0xc1/0x290\n mlxsw_sp_acl_tcam_region_destroy+0x272/0x310\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x731/0x1300\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35854"
},
{
"cve": "CVE-2024-35855",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update\n\nThe rule activity update delayed work periodically traverses the list of\nconfigured rules and queries their activity from the device.\n\nAs part of this task it accesses the entry pointed by \u0027ventry-\u003eentry\u0027,\nbut this entry can be changed concurrently by the rehash delayed work,\nleading to a use-after-free [1].\n\nFix by closing the race and perform the activity query under the\n\u0027vregion-\u003elock\u0027 mutex.\n\n[1]\nBUG: KASAN: slab-use-after-free in mlxsw_sp_acl_tcam_flower_rule_activity_get+0x121/0x140\nRead of size 8 at addr ffff8881054ed808 by task kworker/0:18/181\n\nCPU: 0 PID: 181 Comm: kworker/0:18 Not tainted 6.9.0-rc2-custom-00781-gd5ab772d32f7 #2\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_rule_activity_update_work\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc6/0x120\n print_report+0xce/0x670\n kasan_report+0xd7/0x110\n mlxsw_sp_acl_tcam_flower_rule_activity_get+0x121/0x140\n mlxsw_sp_acl_rule_activity_update_work+0x219/0x400\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 1039:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x8f/0xa0\n __kmalloc+0x19c/0x360\n mlxsw_sp_acl_tcam_entry_create+0x7b/0x1f0\n mlxsw_sp_acl_tcam_vchunk_migrate_all+0x30d/0xb50\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x157/0x1300\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30\n\nFreed by task 1039:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n poison_slab_object+0x102/0x170\n __kasan_slab_free+0x14/0x30\n kfree+0xc1/0x290\n mlxsw_sp_acl_tcam_vchunk_migrate_all+0x3d7/0xb50\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x157/0x1300\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35855"
},
{
"cve": "CVE-2024-35947",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndyndbg: fix old BUG_ON in \u003econtrol parser\n\nFix a BUG_ON from 2009. Even if it looks \"unreachable\" (I didn\u0027t\nreally look), lets make sure by removing it, doing pr_err and return\n-EINVAL instead.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35947"
},
{
"cve": "CVE-2024-35955",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "kprobes: Fix possible use-after-free issue on kprobe registration",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35955"
},
{
"cve": "CVE-2024-35958",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "net: ena: Fix incorrect descriptor free behavior",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35958"
},
{
"cve": "CVE-2024-35960",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "net/mlx5: Properly link new fs rules into the tree",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35960"
},
{
"cve": "CVE-2024-35962",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"notes": [
{
"category": "summary",
"text": "netfilter: complete validation of user input",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35962"
},
{
"cve": "CVE-2024-35969",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35969"
},
{
"cve": "CVE-2024-35973",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "geneve: fix header validation in geneve_xmit_skb",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35973"
},
{
"cve": "CVE-2024-35976",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "xsk: validate user input for XDP_UMEM|COMPLETION_FILL_RING",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35976"
},
{
"cve": "CVE-2024-35983",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35983"
},
{
"cve": "CVE-2024-35984",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "i2c: smbus: fix NULL function pointer dereference",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35984"
},
{
"cve": "CVE-2024-35990",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "dma: xilinx_dpdma: Fix locking",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35990"
},
{
"cve": "CVE-2024-35996",
"cwe": {
"id": "CWE-655",
"name": "Insufficient Psychological Acceptability"
},
"notes": [
{
"category": "summary",
"text": "cpu: Re-enable CPU mitigations by default for !X86 architectures",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-35996"
},
{
"cve": "CVE-2024-36005",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "netfilter: nf_tables: honor table dormant flag from netdev release event path",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36005"
},
{
"cve": "CVE-2024-36006",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmlxsw: spectrum_acl_tcam: Fix incorrect list API usage",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36006"
},
{
"cve": "CVE-2024-36007",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmlxsw: spectrum_acl_tcam: Fix warning during rehash\r\n\r\nAs previously explained, the rehash delayed work migrates filters from\r\none region to another. This is done by iterating over all chunks (all\r\nthe filters with the same priority) in the region and in each chunk\r\niterating over all the filters.\r\n\r\nWhen the work runs out of credits it stores the current chunk and entry\r\nas markers in the per-work context so that it would know where to resume\r\nthe migration from the next time the work is scheduled.\r\n\r\nUpon error, the chunk marker is reset to NULL, but without resetting the\r\nentry markers despite being relative to it. This can result in migration\r\nbeing resumed from an entry that does not belong to the chunk being\r\nmigrated. In turn, this will eventually lead to a chunk being iterated\r\nover as if it is an entry. Because of how the two structures happen to\r\nbe defined, this does not lead to KASAN splats, but to warnings such as.\r\n\r\nFix by creating a helper that resets all the markers and call it from\r\nall the places the currently only reset the chunk marker. For good\r\nmeasures also call it when starting a completely new rehash. Add a\r\nwarning to avoid future cases.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36007"
},
{
"cve": "CVE-2024-36008",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nipv4: check for NULL idev in ip_route_use_hint()\r\n\r\nsyzbot was able to trigger a NULL deref in fib_validate_source()\r\nin an old tree.\r\n\r\nIt appears the bug exists in latest trees.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36008"
},
{
"cve": "CVE-2024-36015",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppdev: Add an error check in register_device\n\nIn register_device, the return value of ida_simple_get is unchecked,\nin witch ida_simple_get will use an invalid index value.\n\nTo address this issue, index should be checked after ida_simple_get. When\nthe index value is abnormal, a warning message should be printed, the port\nshould be dropped, and the value should be recorded.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36015"
},
{
"cve": "CVE-2024-36016",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: fix possible out-of-bounds in gsm0_receive()\n\nAssuming the following:\n- side A configures the n_gsm in basic option mode\n- side B sends the header of a basic option mode frame with data length 1\n- side A switches to advanced option mode\n- side B sends 2 data bytes which exceeds gsm-\u003elen\n Reason: gsm-\u003elen is not used in advanced option mode.\n- side A switches to basic option mode\n- side B keeps sending until gsm0_receive() writes past gsm-\u003ebuf\n Reason: Neither gsm-\u003estate nor gsm-\u003elen have been reset after\n reconfiguration.\n\nFix this by changing gsm-\u003ecount to gsm-\u003elen comparison from equal to less\nthan. Also add upper limit checks against the constant MAX_MRU in\ngsm0_receive() and gsm1_receive() to harden against memory corruption of\ngsm-\u003elen and gsm-\u003emru.\n\nAll other checks remain as we still need to limit the data according to the\nuser configuration and actual payload size.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36016"
},
{
"cve": "CVE-2024-36017",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation Each attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a struct ifla_vf_vlan_info so the size of such attribute needs to be at least of sizeof(struct ifla_vf_vlan_info) which is 14 bytes. The current size validation in do_setvfinfo is against NLA_HDRLEN (4 bytes) which is less than sizeof(struct ifla_vf_vlan_info) so this validation is not enough and a too small attribute might be cast to a struct ifla_vf_vlan_info, this might result in an out of bands read access when accessing the saved (casted) entry in ivvl.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36017"
},
{
"cve": "CVE-2024-36031",
"cwe": {
"id": "CWE-324",
"name": "Use of a Key Past its Expiration Date"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkeys: Fix overwrite of key expiration on instantiation\n\nThe expiry time of a key is unconditionally overwritten during\ninstantiation, defaulting to turn it permanent. This causes a problem\nfor DNS resolution as the expiration set by user-space is overwritten to\nTIME64_MAX, disabling further DNS updates. Fix this by restoring the\ncondition that key_set_expiry is only called when the pre-parser sets a\nspecific expiry.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36031"
},
{
"cve": "CVE-2024-36270",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "netfilter: tproxy: bail out if IP has been disabled on the device syzbot reports: general protection fault, probably for non-canonical address",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36270"
},
{
"cve": "CVE-2024-36286",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36286"
},
{
"cve": "CVE-2024-36288",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "SUNRPC: Fix loop termination condition in gss_free_in_token_pages() The in_token-\u003epages[] array is not NULL terminated. This results in the following KASAN splat: KASAN: maybe wild-memory-access in range [0x04a2013400000008-0x04a201340000000f].",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36288"
},
{
"cve": "CVE-2024-36484",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36484"
},
{
"cve": "CVE-2024-36489",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tls: missing memory barrier in tls_init. In tls_init(), a write memory barrier is missing, and store-store reordering may cause NULL dereference in tls_{setsockopt,getsockopt}.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36489"
},
{
"cve": "CVE-2024-36883",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix out-of-bounds access in ops_init\n\nnet_alloc_generic is called by net_alloc, which is called without any\nlocking. It reads max_gen_ptrs, which is changed under pernet_ops_rwsem. It\nis read twice, first to allocate an array, then to set s.len, which is\nlater used to limit the bounds of the array access.\n\nIt is possible that the array is allocated and another thread is\nregistering a new pernet ops, increments max_gen_ptrs, which is then used\nto set s.len with a larger than allocated length for the variable array.\n\nFix it by reading max_gen_ptrs only once in net_alloc_generic. If\nmax_gen_ptrs is later incremented, it will be caught in net_assign_generic.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36883"
},
{
"cve": "CVE-2024-36886",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix UAF in error path\n\nSam Page (sam4k) working with Trend Micro Zero Day Initiative reported\na UAF in the tipc_buf_append() error path:\n\nBUG: KASAN: slab-use-after-free in kfree_skb_list_reason+0x47e/0x4c0\nlinux/net/core/skbuff.c:1183\nRead of size 8 at addr ffff88804d2a7c80 by task poc/8034\n\nCPU: 1 PID: 8034 Comm: poc Not tainted 6.8.2 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.0-debian-1.16.0-5 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack linux/lib/dump_stack.c:88\n dump_stack_lvl+0xd9/0x1b0 linux/lib/dump_stack.c:106\n print_address_description linux/mm/kasan/report.c:377\n print_report+0xc4/0x620 linux/mm/kasan/report.c:488\n kasan_report+0xda/0x110 linux/mm/kasan/report.c:601\n kfree_skb_list_reason+0x47e/0x4c0 linux/net/core/skbuff.c:1183\n skb_release_data+0x5af/0x880 linux/net/core/skbuff.c:1026\n skb_release_all linux/net/core/skbuff.c:1094\n __kfree_skb linux/net/core/skbuff.c:1108\n kfree_skb_reason+0x12d/0x210 linux/net/core/skbuff.c:1144\n kfree_skb linux/./include/linux/skbuff.h:1244\n tipc_buf_append+0x425/0xb50 linux/net/tipc/msg.c:186\n tipc_link_input+0x224/0x7c0 linux/net/tipc/link.c:1324\n tipc_link_rcv+0x76e/0x2d70 linux/net/tipc/link.c:1824\n tipc_rcv+0x45f/0x10f0 linux/net/tipc/node.c:2159\n tipc_udp_recv+0x73b/0x8f0 linux/net/tipc/udp_media.c:390\n udp_queue_rcv_one_skb+0xad2/0x1850 linux/net/ipv4/udp.c:2108\n udp_queue_rcv_skb+0x131/0xb00 linux/net/ipv4/udp.c:2186\n udp_unicast_rcv_skb+0x165/0x3b0 linux/net/ipv4/udp.c:2346\n __udp4_lib_rcv+0x2594/0x3400 linux/net/ipv4/udp.c:2422\n ip_protocol_deliver_rcu+0x30c/0x4e0 linux/net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2e4/0x520 linux/net/ipv4/ip_input.c:233\n NF_HOOK linux/./include/linux/netfilter.h:314\n NF_HOOK linux/./include/linux/netfilter.h:308\n ip_local_deliver+0x18e/0x1f0 linux/net/ipv4/ip_input.c:254\n dst_input linux/./include/net/dst.h:461\n ip_rcv_finish linux/net/ipv4/ip_input.c:449\n NF_HOOK linux/./include/linux/netfilter.h:314\n NF_HOOK linux/./include/linux/netfilter.h:308\n ip_rcv+0x2c5/0x5d0 linux/net/ipv4/ip_input.c:569\n __netif_receive_skb_one_core+0x199/0x1e0 linux/net/core/dev.c:5534\n __netif_receive_skb+0x1f/0x1c0 linux/net/core/dev.c:5648\n process_backlog+0x101/0x6b0 linux/net/core/dev.c:5976\n __napi_poll.constprop.0+0xba/0x550 linux/net/core/dev.c:6576\n napi_poll linux/net/core/dev.c:6645\n net_rx_action+0x95a/0xe90 linux/net/core/dev.c:6781\n __do_softirq+0x21f/0x8e7 linux/kernel/softirq.c:553\n do_softirq linux/kernel/softirq.c:454\n do_softirq+0xb2/0xf0 linux/kernel/softirq.c:441\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0x100/0x120 linux/kernel/softirq.c:381\n local_bh_enable linux/./include/linux/bottom_half.h:33\n rcu_read_unlock_bh linux/./include/linux/rcupdate.h:851\n __dev_queue_xmit+0x871/0x3ee0 linux/net/core/dev.c:4378\n dev_queue_xmit linux/./include/linux/netdevice.h:3169\n neigh_hh_output linux/./include/net/neighbour.h:526\n neigh_output linux/./include/net/neighbour.h:540\n ip_finish_output2+0x169f/0x2550 linux/net/ipv4/ip_output.c:235\n __ip_finish_output linux/net/ipv4/ip_output.c:313\n __ip_finish_output+0x49e/0x950 linux/net/ipv4/ip_output.c:295\n ip_finish_output+0x31/0x310 linux/net/ipv4/ip_output.c:323\n NF_HOOK_COND linux/./include/linux/netfilter.h:303\n ip_output+0x13b/0x2a0 linux/net/ipv4/ip_output.c:433\n dst_output linux/./include/net/dst.h:451\n ip_local_out linux/net/ipv4/ip_output.c:129\n ip_send_skb+0x3e5/0x560 linux/net/ipv4/ip_output.c:1492\n udp_send_skb+0x73f/0x1530 linux/net/ipv4/udp.c:963\n udp_sendmsg+0x1a36/0x2b40 linux/net/ipv4/udp.c:1250\n inet_sendmsg+0x105/0x140 linux/net/ipv4/af_inet.c:850\n sock_sendmsg_nosec linux/net/socket.c:730\n __sock_sendmsg linux/net/socket.c:745\n __sys_sendto+0x42c/0x4e0 linux/net/socket.c:2191\n __do_sys_sendto linux/net/socket.c:2203\n __se_sys_sendto linux/net/socket.c:2199\n __x64_sys_sendto+0xe0/0x1c0 linux/net/socket.c:2199\n do_syscall_x64 linux/arch/x86/entry/common.c:52\n do_syscall_\n---truncated---",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36886"
},
{
"cve": "CVE-2024-36889",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: ensure snd_nxt is properly initialized on connect\n\nChristoph reported a splat hinting at a corrupted snd_una:\n\n WARNING: CPU: 1 PID: 38 at net/mptcp/protocol.c:1005 __mptcp_clean_una+0x4b3/0x620 net/mptcp/protocol.c:1005\n Modules linked in:\n CPU: 1 PID: 38 Comm: kworker/1:1 Not tainted 6.9.0-rc1-gbbeac67456c9 #59\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014\n Workqueue: events mptcp_worker\n RIP: 0010:__mptcp_clean_una+0x4b3/0x620 net/mptcp/protocol.c:1005\n Code: be 06 01 00 00 bf 06 01 00 00 e8 a8 12 e7 fe e9 00 fe ff ff e8\n \t8e 1a e7 fe 0f b7 ab 3e 02 00 00 e9 d3 fd ff ff e8 7d 1a e7 fe\n \t\u003c0f\u003e 0b 4c 8b bb e0 05 00 00 e9 74 fc ff ff e8 6a 1a e7 fe 0f 0b e9\n RSP: 0018:ffffc9000013fd48 EFLAGS: 00010293\n RAX: 0000000000000000 RBX: ffff8881029bd280 RCX: ffffffff82382fe4\n RDX: ffff8881003cbd00 RSI: ffffffff823833c3 RDI: 0000000000000001\n RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000\n R10: 0000000000000000 R11: fefefefefefefeff R12: ffff888138ba8000\n R13: 0000000000000106 R14: ffff8881029bd908 R15: ffff888126560000\n FS: 0000000000000000(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f604a5dae38 CR3: 0000000101dac002 CR4: 0000000000170ef0\n Call Trace:\n \u003cTASK\u003e\n __mptcp_clean_una_wakeup net/mptcp/protocol.c:1055 [inline]\n mptcp_clean_una_wakeup net/mptcp/protocol.c:1062 [inline]\n __mptcp_retrans+0x7f/0x7e0 net/mptcp/protocol.c:2615\n mptcp_worker+0x434/0x740 net/mptcp/protocol.c:2767\n process_one_work+0x1e0/0x560 kernel/workqueue.c:3254\n process_scheduled_works kernel/workqueue.c:3335 [inline]\n worker_thread+0x3c7/0x640 kernel/workqueue.c:3416\n kthread+0x121/0x170 kernel/kthread.c:388\n ret_from_fork+0x44/0x50 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n \u003c/TASK\u003e\n\nWhen fallback to TCP happens early on a client socket, snd_nxt\nis not yet initialized and any incoming ack will copy such value\ninto snd_una. If the mptcp worker (dumbly) tries mptcp-level\nre-injection after such ack, that would unconditionally trigger a send\nbuffer cleanup using \u0027bad\u0027 snd_una values.\n\nWe could easily disable re-injection for fallback sockets, but such\ndumb behavior already helped catching a few subtle issues and a very\nlow to zero impact in practice.\n\nInstead address the issue always initializing snd_nxt (and write_seq,\nfor consistency) at connect time.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36889"
},
{
"cve": "CVE-2024-36901",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a chance that ip6_dst_idev() returns NULL in ip6_output().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36901"
},
{
"cve": "CVE-2024-36902",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in Linux kernel: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() syzbot is able to trigger the following crash [1], caused by unsafe ip6_dst_idev() use. Indeed ip6_dst_idev() can return NULL, and must always be checked.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36902"
},
{
"cve": "CVE-2024-36904",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36904"
},
{
"cve": "CVE-2024-36905",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36905"
},
{
"cve": "CVE-2024-36916",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: blk-iocost: avoid out of bounds shift UBSAN catches undefined behavior in blk-iocost, where sometimes iocg-\u003edelay is shifted right by a number that is too large, resulting in undefined behavior on some architectures. [ 186.556576] ------------[ cut here ]------------ UBSAN: shift-out-of-bounds in block/blk-iocost.c:1366:23 shift exponent 64 is too large for 64-bit type \u0027u64\u0027 (aka \u0027unsigned long long\u0027) CPU: 16 PID: 0 Comm: swapper/16 Tainted: G S E N 6.9.0-0_fbk700_debug_rc2_kbuilder_0_gc85af715cac0 #1 Hardware name: Quanta Twin Lakes MP/Twin Lakes Passive MP, BIOS F09_3A23 12/08/2020 Call Trace: \u003cIRQ\u003e dump_stack_lvl+0x8f/0xe0 __ubsan_handle_shift_out_of_bounds+0x22c/0x280 iocg_kick_delay+0x30b/0x310 ioc_timer_fn+0x2fb/0x1f80 __run_timer_base+0x1b6/0x250 ... Avoid that undefined behavior by simply taking the \"delay = 0\" branch if the shift is too large. I am not sure what the symptoms of an undefined value delay will be, but I suspect it could be more than a little annoying to debug.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36916"
},
{
"cve": "CVE-2024-36929",
"cwe": {
"id": "CWE-237",
"name": "Improper Handling of Structural Elements"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: net: core: reject skb_copy(_expand) for fraglist GSO skbs SKB_GSO_FRAGLIST skbs must not be linearized, otherwise they become invalid. Return NULL if such an skb is passed to skb_copy or skb_copy_expand, in order to prevent a crash on a potential later call to skb_gso_segment.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36929"
},
{
"cve": "CVE-2024-36933",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnsh: Restore skb-\u003e{protocol,data,mac_header} for outer header in nsh_gso_segment().\n\nsyzbot triggered various splats (see [0] and links) by a crafted GSO\npacket of VIRTIO_NET_HDR_GSO_UDP layering the following protocols:\n\n ETH_P_8021AD + ETH_P_NSH + ETH_P_IPV6 + IPPROTO_UDP\n\nNSH can encapsulate IPv4, IPv6, Ethernet, NSH, and MPLS. As the inner\nprotocol can be Ethernet, NSH GSO handler, nsh_gso_segment(), calls\nskb_mac_gso_segment() to invoke inner protocol GSO handlers.\n\nnsh_gso_segment() does the following for the original skb before\ncalling skb_mac_gso_segment()\n\n 1. reset skb-\u003enetwork_header\n 2. save the original skb-\u003e{mac_heaeder,mac_len} in a local variable\n 3. pull the NSH header\n 4. resets skb-\u003emac_header\n 5. set up skb-\u003emac_len and skb-\u003eprotocol for the inner protocol.\n\nand does the following for the segmented skb\n\n 6. set ntohs(ETH_P_NSH) to skb-\u003eprotocol\n 7. push the NSH header\n 8. restore skb-\u003emac_header\n 9. set skb-\u003emac_header + mac_len to skb-\u003enetwork_header\n 10. restore skb-\u003emac_len\n\nThere are two problems in 6-7 and 8-9.\n\n (a)\n After 6 \u0026 7, skb-\u003edata points to the NSH header, so the outer header\n (ETH_P_8021AD in this case) is stripped when skb is sent out of netdev.\n\n Also, if NSH is encapsulated by NSH + Ethernet (so NSH-Ethernet-NSH),\n skb_pull() in the first nsh_gso_segment() will make skb-\u003edata point\n to the middle of the outer NSH or Ethernet header because the Ethernet\n header is not pulled by the second nsh_gso_segment().\n\n (b)\n While restoring skb-\u003e{mac_header,network_header} in 8 \u0026 9,\n nsh_gso_segment() does not assume that the data in the linear\n buffer is shifted.\n\n However, udp6_ufo_fragment() could shift the data and change\n skb-\u003emac_header accordingly as demonstrated by syzbot.\n\n If this happens, even the restored skb-\u003emac_header points to\n the middle of the outer header.\n\nIt seems nsh_gso_segment() has never worked with outer headers so far.\n\nAt the end of nsh_gso_segment(), the outer header must be restored for\nthe segmented skb, instead of the NSH header.\n\nTo do that, let\u0027s calculate the outer header position relatively from\nthe inner header and set skb-\u003e{data,mac_header,protocol} properly.\n\n[0]:\nBUG: KMSAN: uninit-value in ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:524 [inline]\nBUG: KMSAN: uninit-value in ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:602 [inline]\nBUG: KMSAN: uninit-value in ipvlan_queue_xmit+0xf44/0x16b0 drivers/net/ipvlan/ipvlan_core.c:668\n ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:524 [inline]\n ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:602 [inline]\n ipvlan_queue_xmit+0xf44/0x16b0 drivers/net/ipvlan/ipvlan_core.c:668\n ipvlan_start_xmit+0x5c/0x1a0 drivers/net/ipvlan/ipvlan_main.c:222\n __netdev_start_xmit include/linux/netdevice.h:4989 [inline]\n netdev_start_xmit include/linux/netdevice.h:5003 [inline]\n xmit_one net/core/dev.c:3547 [inline]\n dev_hard_start_xmit+0x244/0xa10 net/core/dev.c:3563\n __dev_queue_xmit+0x33ed/0x51c0 net/core/dev.c:4351\n dev_queue_xmit include/linux/netdevice.h:3171 [inline]\n packet_xmit+0x9c/0x6b0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3081 [inline]\n packet_sendmsg+0x8aef/0x9f10 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3819 [inline]\n slab_alloc_node mm/slub.c:3860 [inline]\n __do_kmalloc_node mm/slub.c:3980 [inline]\n __kmalloc_node_track_caller+0x705/0x1000 mm/slub.c:4001\n kmalloc_reserve+0x249/0x4a0 net/core/skbuff.c:582\n __\n---truncated---",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36933"
},
{
"cve": "CVE-2024-36934",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: bna: ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don\u0027t ensure that the string is terminated inside the buffer, this can lead to OOB read when using sscanf. Fix this issue by using memdup_user_nul instead of memdup_user.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36934"
},
{
"cve": "CVE-2024-36938",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Denial of Service Vulnerability in the Linux Kernel: bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue Fix NULL pointer data-races in sk_psock_skb_ingress_enqueue() which syzbot reported.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36938"
},
{
"cve": "CVE-2024-36940",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The \"pctldev\" struct is allocated in devm_pinctrl_register_and_init(). It\u0027s a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so freeing it in pinctrl_enable() will lead to a double free. The devm_pinctrl_dev_release() function frees the pindescs and destroys the mutex as well.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36940"
},
{
"cve": "CVE-2024-36946",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphonet: fix rtm_phonet_notify() skb allocation\n\nfill_route() stores three components in the skb:\n\n- struct rtmsg\n- RTA_DST (u8)\n- RTA_OIF (u32)\n\nTherefore, rtm_phonet_notify() should use\n\nNLMSG_ALIGN(sizeof(struct rtmsg)) +\nnla_total_size(1) +\nnla_total_size(4)",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36946"
},
{
"cve": "CVE-2024-36954",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix a possible memleak in tipc_buf_append\n\n__skb_linearize() doesn\u0027t free the skb when it fails, so move\n\u0027*buf = NULL\u0027 after __skb_linearize(), so that the skb can be\nfreed on the err path.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36954"
},
{
"cve": "CVE-2024-36957",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: avoid off-by-one read from userspace\n\nWe try to access count + 1 byte from userspace with memdup_user(buffer,\ncount + 1). However, the userspace only provides buffer of count bytes and\nonly these count bytes are verified to be okay to access. To ensure the\ncopied buffer is NUL terminated, we use memdup_user_nul instead.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36957"
},
{
"cve": "CVE-2024-36959",
"cwe": {
"id": "CWE-668",
"name": "Exposure of Resource to Wrong Sphere"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() If we fail to allocate propname buffer, we need to drop the reference count we just took. Because the pinctrl_dt_free_maps() includes the droping operation, here we call it directly.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36959"
},
{
"cve": "CVE-2024-36964",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: only translate RWX permissions for plain 9P2000\n\nGarbage in plain 9P2000\u0027s perm bits is allowed through, which causes it\nto be able to set (among others) the suid bit. This was presumably not\nthe intent since the unix extended bits are handled explicitly and\nconditionally on .u.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36964"
},
{
"cve": "CVE-2024-36971",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "1. Describe what is the vulnerability about, e.g.:\n Affected devices do not properly validate input in the hack-me endpoint of the web service.\n\n 2. Describe what an attacker could do with it - e.g.:\n This could allow an unauthenticated remote attacker to execute arbitrary code on the device.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36971"
},
{
"cve": "CVE-2024-36974",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP. If one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided, taprio_parse_mqprio_opt() must validate it, or userspace can inject arbitrary data to the kernel, the second time taprio_change() is called. First call (with valid attributes) sets dev-\u003enum_tc to a non zero value. Second call (with arbitrary mqprio attributes) returns early from taprio_parse_mqprio_opt() and bad things can happen.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36974"
},
{
"cve": "CVE-2024-36978",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: sched: sch_multiq: possible OOB write in multiq_tune() q-\u003ebands will be assigned to qopt-\u003ebands to execute subsequent code logic after kmalloc. So the old q-\u003ebands should not be used in kmalloc. Otherwise, an out-of-bounds write will occur.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-36978"
},
{
"cve": "CVE-2024-37356",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcp_update_alpha().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-37356"
},
{
"cve": "CVE-2024-38381",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "nfc: nci: Fix uninit-value in nci_rx_work syzbot reported the following uninit-value access issue [1] nci_rx_work() parses received packet from ndev-\u003erx_q. It should be validated header size, payload size and total packet size before processing the packet. If an invalid packet is detected, it should be silently discarded.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38381"
},
{
"cve": "CVE-2024-38555",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Discard command completions in internal error\n\nFix use after free when FW completion arrives while device is in\ninternal error state. Avoid calling completion handler in this case,\nsince the device will flush the command interface and trigger all\ncompletions manually.\n\nKernel log:\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\n...\nRIP: 0010:refcount_warn_saturate+0xd8/0xe0\n...\nCall Trace:\n\u003cIRQ\u003e\n? __warn+0x79/0x120\n? refcount_warn_saturate+0xd8/0xe0\n? report_bug+0x17c/0x190\n? handle_bug+0x3c/0x60\n? exc_invalid_op+0x14/0x70\n? asm_exc_invalid_op+0x16/0x20\n? refcount_warn_saturate+0xd8/0xe0\ncmd_ent_put+0x13b/0x160 [mlx5_core]\nmlx5_cmd_comp_handler+0x5f9/0x670 [mlx5_core]\ncmd_comp_notifier+0x1f/0x30 [mlx5_core]\nnotifier_call_chain+0x35/0xb0\natomic_notifier_call_chain+0x16/0x20\nmlx5_eq_async_int+0xf6/0x290 [mlx5_core]\nnotifier_call_chain+0x35/0xb0\natomic_notifier_call_chain+0x16/0x20\nirq_int_handler+0x19/0x30 [mlx5_core]\n__handle_irq_event_percpu+0x4b/0x160\nhandle_irq_event+0x2e/0x80\nhandle_edge_irq+0x98/0x230\n__common_interrupt+0x3b/0xa0\ncommon_interrupt+0x7b/0xa0\n\u003c/IRQ\u003e\n\u003cTASK\u003e\nasm_common_interrupt+0x22/0x40",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38555"
},
{
"cve": "CVE-2024-38558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVS_PACKET_CMD_EXECUTE has 3 main attributes: - OVS_PACKET_ATTR_KEY - Packet metadata in a netlink format. - OVS_PACKET_ATTR_PACKET - Binary packet content. - OVS_PACKET_ATTR_ACTIONS - Actions to execute on the packet. OVS_PACKET_ATTR_KEY is parsed first to populate sw_flow_key structure with the metadata like conntrack state, input port, recirculation id, etc.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38558"
},
{
"cve": "CVE-2024-38578",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ecryptfs: Fix buffer size for tag 66 packet The \u0027TAG 66 Packet Format\u0027 description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3 bytes too small and write_tag_66_packet() will write up to 3 bytes past the end of the buffer. Fix this by increasing the size of the allocation so the whole packet will always fit in the buffer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38578"
},
{
"cve": "CVE-2024-38579",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "crypto: bcm - Fix pointer arithmetic In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38579"
},
{
"cve": "CVE-2024-38586",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "r8169: possible ring buffer corruption on fragmented Tx packets. Vulnerability on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently leading to calls to dma_unmap_single() with a null address. This was caused by rtl8169_start_xmit() not noticing changes to nr_frags which may occur when small packets are padded (to work around hardware quirks) in rtl8169_tso_csum_v2().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38586"
},
{
"cve": "CVE-2024-38587",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nspeakup: Fix sizeof() vs ARRAY_SIZE() bug\r\n\r\nThe \"buf\" pointer is an array of u16 values. This code should be\r\nusing ARRAY_SIZE() (which is 256) instead of sizeof() (which is 512),\r\notherwise it can the still got out of bounds.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38587"
},
{
"cve": "CVE-2024-38589",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "netrom: fix possible dead-lock in nr_rt_ioctl() syzbot loves netrom, and found a possible deadlock in nr_rt_ioctl [1] Make sure we always acquire nr_node_list_lock before nr_node_lock(nr_node).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38589"
},
{
"cve": "CVE-2024-38590",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Modify the print level of CQE error\n\nToo much print may lead to a panic in kernel. Change ibdev_err() to\nibdev_err_ratelimited(), and change the printing level of cqe dump\nto debug level.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38590"
},
{
"cve": "CVE-2024-38596",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38596"
},
{
"cve": "CVE-2024-38597",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: sungem: remove .ndo_poll_controller to avoid deadlocks\n\nErhard reports netpoll warnings from sungem:\n\n netpoll_send_skb_on_dev(): eth0 enabled interrupts in poll (gem_start_xmit+0x0/0x398)\n WARNING: CPU: 1 PID: 1 at net/core/netpoll.c:370 netpoll_send_skb+0x1fc/0x20c\n\ngem_poll_controller() disables interrupts, which may sleep.\nWe can\u0027t sleep in netpoll, it has interrupts disabled completely.\nStrangely, gem_poll_controller() doesn\u0027t even poll the completions,\nand instead acts as if an interrupt has fired so it just schedules\nNAPI and exits. None of this has been necessary for years, since\nnetpoll invokes NAPI directly.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38597"
},
{
"cve": "CVE-2024-38598",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38598"
},
{
"cve": "CVE-2024-38601",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Fix a race between readers and resize checks\n\nThe reader code in rb_get_reader_page() swaps a new reader page into the\nring buffer by doing cmpxchg on old-\u003elist.prev-\u003enext to point it to the\nnew page. Following that, if the operation is successful,\nold-\u003elist.next-\u003eprev gets updated too. This means the underlying\ndoubly-linked list is temporarily inconsistent, page-\u003eprev-\u003enext or\npage-\u003enext-\u003eprev might not be equal back to page for some page in the\nring buffer.\n\nThe resize operation in ring_buffer_resize() can be invoked in parallel.\nIt calls rb_check_pages() which can detect the described inconsistency\nand stop further tracing:\n\n[ 190.271762] ------------[ cut here ]------------\n[ 190.271771] WARNING: CPU: 1 PID: 6186 at kernel/trace/ring_buffer.c:1467 rb_check_pages.isra.0+0x6a/0xa0\n[ 190.271789] Modules linked in: [...]\n[ 190.271991] Unloaded tainted modules: intel_uncore_frequency(E):1 skx_edac(E):1\n[ 190.272002] CPU: 1 PID: 6186 Comm: cmd.sh Kdump: loaded Tainted: G E 6.9.0-rc6-default #5 158d3e1e6d0b091c34c3b96bfd99a1c58306d79f\n[ 190.272011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.0-0-gd239552c-rebuilt.opensuse.org 04/01/2014\n[ 190.272015] RIP: 0010:rb_check_pages.isra.0+0x6a/0xa0\n[ 190.272023] Code: [...]\n[ 190.272028] RSP: 0018:ffff9c37463abb70 EFLAGS: 00010206\n[ 190.272034] RAX: ffff8eba04b6cb80 RBX: 0000000000000007 RCX: ffff8eba01f13d80\n[ 190.272038] RDX: ffff8eba01f130c0 RSI: ffff8eba04b6cd00 RDI: ffff8eba0004c700\n[ 190.272042] RBP: ffff8eba0004c700 R08: 0000000000010002 R09: 0000000000000000\n[ 190.272045] R10: 00000000ffff7f52 R11: ffff8eba7f600000 R12: ffff8eba0004c720\n[ 190.272049] R13: ffff8eba00223a00 R14: 0000000000000008 R15: ffff8eba067a8000\n[ 190.272053] FS: 00007f1bd64752c0(0000) GS:ffff8eba7f680000(0000) knlGS:0000000000000000\n[ 190.272057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 190.272061] CR2: 00007f1bd6662590 CR3: 000000010291e001 CR4: 0000000000370ef0\n[ 190.272070] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 190.272073] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 190.272077] Call Trace:\n[ 190.272098] \u003cTASK\u003e\n[ 190.272189] ring_buffer_resize+0x2ab/0x460\n[ 190.272199] __tracing_resize_ring_buffer.part.0+0x23/0xa0\n[ 190.272206] tracing_resize_ring_buffer+0x65/0x90\n[ 190.272216] tracing_entries_write+0x74/0xc0\n[ 190.272225] vfs_write+0xf5/0x420\n[ 190.272248] ksys_write+0x67/0xe0\n[ 190.272256] do_syscall_64+0x82/0x170\n[ 190.272363] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 190.272373] RIP: 0033:0x7f1bd657d263\n[ 190.272381] Code: [...]\n[ 190.272385] RSP: 002b:00007ffe72b643f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 190.272391] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f1bd657d263\n[ 190.272395] RDX: 0000000000000002 RSI: 0000555a6eb538e0 RDI: 0000000000000001\n[ 190.272398] RBP: 0000555a6eb538e0 R08: 000000000000000a R09: 0000000000000000\n[ 190.272401] R10: 0000555a6eb55190 R11: 0000000000000246 R12: 00007f1bd6662500\n[ 190.272404] R13: 0000000000000002 R14: 00007f1bd6667c00 R15: 0000000000000002\n[ 190.272412] \u003c/TASK\u003e\n[ 190.272414] ---[ end trace 0000000000000000 ]---\n\nNote that ring_buffer_resize() calls rb_check_pages() only if the parent\ntrace_buffer has recording disabled. Recent commit d78ab792705c\n(\"tracing: Stop current tracer when resizing buffer\") causes that it is\nnow always the case which makes it more likely to experience this issue.\n\nThe window to hit this race is nonetheless very small. To help\nreproducing it, one can add a delay loop in rb_get_reader_page():\n\n ret = rb_head_page_replace(reader, cpu_buffer-\u003ereader_page);\n if (!ret)\n \tgoto spin;\n for (unsigned i = 0; i \u003c 1U \u003c\u003c 26; i++) /* inserted delay loop */\n \t__asm__ __volatile__ (\"\" : : : \"memory\");\n rb_list_head(reader-\u003elist.next)-\u003eprev = \u0026cpu_buffer-\u003ereader_page-\u003elist;\n\n.. \n---truncated---",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38601"
},
{
"cve": "CVE-2024-38612",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid unregister error path The error path of seg6_init() is wrong in case CONFIG_IPV6_SEG6_LWTUNNEL is not defined. In that case if seg6_hmac_init() fails, the genl_unregister_family() isn\u0027t called. This issue exist since commit 46738b1317e1 (\"ipv6: sr: add option to control lwtunnel support\"), and commit 5559cea2d5aa (\"ipv6: sr: fix possible use-after-free and null-ptr-deref\") replaced unregister_pernet_subsys() with genl_unregister_family() in this error path.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38612"
},
{
"cve": "CVE-2024-38615",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "cpufreq: exit() callback is optional The exit() callback is optional and shouldn\u0027t be called without checking a valid pointer first. Also, we must clear freq_table pointer even if the exit() callback isn\u0027t present.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38615"
},
{
"cve": "CVE-2024-38619",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "usb-storage: alauda: Check whether the media is initialized. The member \"uzonesize\" of struct alauda_info will remain 0 if alauda_init_media() fails, potentially causing divide errors in alauda_read_data() and alauda_write_lba().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38619"
},
{
"cve": "CVE-2024-38627",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstm class: Fix a double free in stm_register_device()\n\nThe put_device(\u0026stm-\u003edev) call will trigger stm_device_release() which\nfrees \"stm\" so the vfree(stm) on the next line is a double free.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38627"
},
{
"cve": "CVE-2024-38633",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: max3100: Update uart_driver_registered on driver removal\n\nThe removal of the last MAX3100 device triggers the removal of\nthe driver. However, code doesn\u0027t update the respective global\nvariable and after insmod \u2014 rmmod \u2014 insmod cycle the kernel\noopses:\n\n max3100 spi-PRP0001:01: max3100_probe: adding port 0\n BUG: kernel NULL pointer dereference, address: 0000000000000408\n ...\n RIP: 0010:serial_core_register_port+0xa0/0x840\n ...\n max3100_probe+0x1b6/0x280 [max3100]\n spi_probe+0x8d/0xb0\n\nUpdate the actual state so next time UART driver will be registered\nagain.\n\nHugo also noticed, that the error path in the probe also affected\nby having the variable set, and not cleared. Instead of clearing it\nmove the assignment after the successfull uart_register_driver() call.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38633"
},
{
"cve": "CVE-2024-38634",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: max3100: Lock port-\u003elock when calling uart_handle_cts_change()\n\nuart_handle_cts_change() has to be called with port lock taken,\nSince we run it in a separate work, the lock may not be taken at\nthe time of running. Make sure that it\u0027s taken by explicitly doing\nthat. Without it we got a splat:\n\n WARNING: CPU: 0 PID: 10 at drivers/tty/serial/serial_core.c:3491 uart_handle_cts_change+0xa6/0xb0\n ...\n Workqueue: max3100-0 max3100_work [max3100]\n RIP: 0010:uart_handle_cts_change+0xa6/0xb0\n ...\n max3100_handlerx+0xc5/0x110 [max3100]\n max3100_work+0x12a/0x340 [max3100]",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38634"
},
{
"cve": "CVE-2024-38637",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngreybus: lights: check return of get_channel_from_mode\n\nIf channel for the given node is not found we return null from\nget_channel_from_mode. Make sure we validate the return pointer\nbefore using it in two of the missing places.\n\nThis was originally reported in [0]:\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[0] https://lore.kernel.org/all/20240301190425.120605-1-m.lobanov@rosalinux.ru",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38637"
},
{
"cve": "CVE-2024-38659",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "enic: Validate length of nl attributes in enic_set_vf_port enic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE is of length PORT_PROFILE_MAX and that the nl attributes IFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are of length PORT_UUID_MAX. These attributes are validated (in the function do_setlink in rtnetlink.c) using the nla_policy ifla_port_policy. The policy defines IFLA_PORT_PROFILE as NLA_STRING, IFLA_PORT_INSTANCE_UUID as NLA_BINARY and IFLA_PORT_HOST_UUID as NLA_STRING. That means that the length validation using the policy is for the max size of the attributes and not on exact size so the length of these attributes might be less than the sizes that enic_set_vf_port expects. This might cause an out of bands read access in the memcpys of the data of these attributes in enic_set_vf_port.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38659"
},
{
"cve": "CVE-2024-38662",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bpf: Allow delete from sockmap/sockhash only if update is allowed. We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a map_delete on a sockmap/sockhash. We don\u0027t intend to support this artificial use scenario. Extend the existing verifier allowed-program-type check for updating sockmap/sockhash to also cover deleting from a map. From now on only BPF programs which were previously allowed to update sockmap/sockhash can delete from these map types.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38662"
},
{
"cve": "CVE-2024-38780",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: dma-buf/sw-sync: don\u0027t enable IRQ from sync_print_obj().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-38780"
},
{
"cve": "CVE-2024-39276",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix mb_cache_entry\u0027s e_refcnt leak in ext4_xattr_block_cache_find()\n\nSyzbot reports a warning as follows:\n\n============================================\nWARNING: CPU: 0 PID: 5075 at fs/mbcache.c:419 mb_cache_destroy+0x224/0x290\nModules linked in:\nCPU: 0 PID: 5075 Comm: syz-executor199 Not tainted 6.9.0-rc6-gb947cc5bf6d7\nRIP: 0010:mb_cache_destroy+0x224/0x290 fs/mbcache.c:419\nCall Trace:\n \u003cTASK\u003e\n ext4_put_super+0x6d4/0xcd0 fs/ext4/super.c:1375\n generic_shutdown_super+0x136/0x2d0 fs/super.c:641\n kill_block_super+0x44/0x90 fs/super.c:1675\n ext4_kill_sb+0x68/0xa0 fs/ext4/super.c:7327\n[...]\n============================================\n\nThis is because when finding an entry in ext4_xattr_block_cache_find(), if\next4_sb_bread() returns -ENOMEM, the ce\u0027s e_refcnt, which has already grown\nin the __entry_find(), won\u0027t be put away, and eventually trigger the above\nissue in mb_cache_destroy() due to reference count leakage.\n\nSo call mb_cache_entry_put() on the -ENOMEM error branch as a quick fix.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-39276"
},
{
"cve": "CVE-2024-39292",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winch_handlers before registering winch IRQ Registering a winch IRQ is racy, an interrupt may occur before the winch is added to the winch_handlers list. If that happens, register_winch_irq() adds to that list a winch that is scheduled to be (or has already been) freed, causing a panic later in winch_cleanup(). Avoid the race by adding the winch to the winch_handlers list before registering the IRQ, and rolling back if um_request_irq() fails.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-39292"
},
{
"cve": "CVE-2024-39301",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/9p: fix uninit-value in p9_client_rpc()\n\nSyzbot with the help of KMSAN reported the following error:\n\nBUG: KMSAN: uninit-value in trace_9p_client_res include/trace/events/9p.h:146 [inline]\nBUG: KMSAN: uninit-value in p9_client_rpc+0x1314/0x1340 net/9p/client.c:754\n trace_9p_client_res include/trace/events/9p.h:146 [inline]\n p9_client_rpc+0x1314/0x1340 net/9p/client.c:754\n p9_client_create+0x1551/0x1ff0 net/9p/client.c:1031\n v9fs_session_init+0x1b9/0x28e0 fs/9p/v9fs.c:410\n v9fs_mount+0xe2/0x12b0 fs/9p/vfs_super.c:122\n legacy_get_tree+0x114/0x290 fs/fs_context.c:662\n vfs_get_tree+0xa7/0x570 fs/super.c:1797\n do_new_mount+0x71f/0x15e0 fs/namespace.c:3352\n path_mount+0x742/0x1f20 fs/namespace.c:3679\n do_mount fs/namespace.c:3692 [inline]\n __do_sys_mount fs/namespace.c:3898 [inline]\n __se_sys_mount+0x725/0x810 fs/namespace.c:3875\n __x64_sys_mount+0xe4/0x150 fs/namespace.c:3875\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was created at:\n __alloc_pages+0x9d6/0xe70 mm/page_alloc.c:4598\n __alloc_pages_node include/linux/gfp.h:238 [inline]\n alloc_pages_node include/linux/gfp.h:261 [inline]\n alloc_slab_page mm/slub.c:2175 [inline]\n allocate_slab mm/slub.c:2338 [inline]\n new_slab+0x2de/0x1400 mm/slub.c:2391\n ___slab_alloc+0x1184/0x33d0 mm/slub.c:3525\n __slab_alloc mm/slub.c:3610 [inline]\n __slab_alloc_node mm/slub.c:3663 [inline]\n slab_alloc_node mm/slub.c:3835 [inline]\n kmem_cache_alloc+0x6d3/0xbe0 mm/slub.c:3852\n p9_tag_alloc net/9p/client.c:278 [inline]\n p9_client_prepare_req+0x20a/0x1770 net/9p/client.c:641\n p9_client_rpc+0x27e/0x1340 net/9p/client.c:688\n p9_client_create+0x1551/0x1ff0 net/9p/client.c:1031\n v9fs_session_init+0x1b9/0x28e0 fs/9p/v9fs.c:410\n v9fs_mount+0xe2/0x12b0 fs/9p/vfs_super.c:122\n legacy_get_tree+0x114/0x290 fs/fs_context.c:662\n vfs_get_tree+0xa7/0x570 fs/super.c:1797\n do_new_mount+0x71f/0x15e0 fs/namespace.c:3352\n path_mount+0x742/0x1f20 fs/namespace.c:3679\n do_mount fs/namespace.c:3692 [inline]\n __do_sys_mount fs/namespace.c:3898 [inline]\n __se_sys_mount+0x725/0x810 fs/namespace.c:3875\n __x64_sys_mount+0xe4/0x150 fs/namespace.c:3875\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nIf p9_check_errors() fails early in p9_client_rpc(), req-\u003erc.tag\nwill not be properly initialized. However, trace_9p_client_res()\nends up trying to print it out anyway before p9_client_rpc()\nfinishes.\n\nFix this issue by assigning default values to p9_fcall fields\nsuch as \u0027tag\u0027 and (just in case KMSAN unearths something new) \u0027id\u0027\nduring the tag allocation stage.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-39301"
},
{
"cve": "CVE-2024-39468",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "smb: client: Deadlock in smb2_find_smb_tcon().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-39468"
},
{
"cve": "CVE-2024-39475",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: savage: Handle err return when savagefb_check_var failed\n\nThe commit 04e5eac8f3ab(\"fbdev: savage: Error out if pixclock equals zero\")\nchecks the value of pixclock to avoid divide-by-zero error. However\nthe function savagefb_probe doesn\u0027t handle the error return of\nsavagefb_check_var. When pixclock is 0, it will cause divide-by-zero error.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-39475"
},
{
"cve": "CVE-2024-39476",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmd/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"1",
"3",
"4"
]
},
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"1",
"4",
"3"
]
}
],
"title": "CVE-2024-39476"
},
{
"cve": "CVE-2024-39480",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkdb: Fix buffer overflow during tab-complete\n\nCurrently, when the user attempts symbol completion with the Tab key, kdb\nwill use strncpy() to insert the completed symbol into the command buffer.\nUnfortunately it passes the size of the source buffer rather than the\ndestination to strncpy() with predictably horrible results. Most obviously\nif the command buffer is already full but cp, the cursor position, is in\nthe middle of the buffer, then we will write past the end of the supplied\nbuffer.\n\nFix this by replacing the dubious strncpy() calls with memmove()/memcpy()\ncalls plus explicit boundary checks to make sure we have enough space\nbefore we start moving characters around.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-39480"
},
{
"cve": "CVE-2024-39482",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bcache: Variable length array abuse in btree_iter.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-39482"
},
{
"cve": "CVE-2024-39487",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-39487"
},
{
"cve": "CVE-2024-39489",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6_hmac_init_algo seg6_hmac_init_algo returns without cleaning up the previous allocations if one fails, so it\u0027s going to leak all that memory and the crypto tfms. Update seg6_hmac_exit to only free the memory when allocated, so we can reuse the code directly.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-39489"
},
{
"cve": "CVE-2024-39493",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - Fix ADF_DEV_RESET_SYNC memory leak\n\nUsing completion_done to determine whether the caller has gone\naway only works after a complete call. Furthermore it\u0027s still\npossible that the caller has not yet called wait_for_completion,\nresulting in another potential UAF.\n\nFix this by making the caller use cancel_work_sync and then freeing\nthe memory safely.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-39493"
},
{
"cve": "CVE-2024-39495",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "greybus: use-after-free vulnerability in gb_interface_release due to race condition.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-39495"
},
{
"cve": "CVE-2024-39499",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "vmci: speculation leaks by sanitizing event in event_deliver(). event_msg is controlled by user-space, event_msg-\u003eevent_data.event is passed to event_deliver() and used as an index without sanitization, leading to information leaks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-39499"
},
{
"cve": "CVE-2024-39502",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "ionic: use after netif_napi_del(). When queues are started, netif_napi_add() and napi_enable() are called. If there are 4 queues and only 3 queues are used for the current configuration, only 3 queues\u0027 napi should be registered and enabled. The ionic_qcq_enable() checks whether the .poll pointer is not NULL for enabling only the using queue\u0027 napi. Unused queues\u0027 napi will not be registered by netif_napi_add(), so the .poll pointer indicates NULL. But it couldn\u0027t distinguish whether the napi was unregistered or not because netif_napi_del() doesn\u0027t reset the .poll pointer to NULL. So, ionic_qcq_enable() calls napi_enable() for the queue, which was unregistered by netif_napi_del().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-39502"
},
{
"cve": "CVE-2024-39503",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "netfilter: ipset: race between namespace cleanup and gc in the list:set type. The namespace cleanup can destroy the list:set type of sets while the gc of the set type is waiting to run in rcu cleanup. The latter uses data from the destroyed set which thus leads use after free.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-39503"
},
{
"cve": "CVE-2024-39506",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet. In lio_vf_rep_copy_packet() pg_info-\u003epage is compared to a NULL value, but then it is unconditionally passed to skb_add_rx_frag(), which could lead to null pointer dereference.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-39506"
},
{
"cve": "CVE-2024-40904",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "USB: class: cdc-wdm: CPU lockup caused by excessive log messages.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-40904"
},
{
"cve": "CVE-2024-40905",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ipv6: possible race in __fib6_drop_pcpu_from().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-40905"
},
{
"cve": "CVE-2024-40931",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "mptcp: ensure snd_una is properly initialized on connect.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-40931"
},
{
"cve": "CVE-2024-40945",
"cwe": {
"id": "CWE-393",
"name": "Return of Wrong Status Code"
},
"notes": [
{
"category": "summary",
"text": "iommu: Return right value in iommu_sva_bind_device() iommu_sva_bind_device() should return either a sva bond handle or an ERR_PTR value in error cases. Existing drivers (idxd and uacce) only check the return value with IS_ERR(). This could potentially lead to a kernel NULL pointer dereference issue if the function returns NULL instead of an error pointer. In reality, this doesn\u0027t cause any problems because iommu_sva_bind_device() only returns NULL when the kernel is not configured with CONFIG_IOMMU_SVA.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-40945"
},
{
"cve": "CVE-2024-40947",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ima: Avoid blocking in RCU read-side critical section, a panic happens in ima_match_policy.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-40947"
},
{
"cve": "CVE-2024-40958",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "netns: Make get_net_ns() handle zero refcount net Syzkaller hit a warning: refcount_t: addition on 0; use-after-free.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-40958"
},
{
"cve": "CVE-2024-40959",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-40959"
},
{
"cve": "CVE-2024-40960",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "ipv6: prevent possible NULL dereference in rt6_probe() syzbot caught a NULL dereference in rt6_probe() [1] Bail out if __in6_dev_get() returns NULL.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-40960"
},
{
"cve": "CVE-2024-40961",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "ipv6: prevent possible NULL deref in fib6_nh_init() syzbot reminds us that in6_dev_get() can return NULL.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-40961"
},
{
"cve": "CVE-2024-40980",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "drop_monitor: replace spin_lock by raw_spin_lock trace_drop_common() is called with preemption disabled, and it acquires a spin_lock. This is problematic for RT kernels because spin_locks are sleeping locks in this configuration, which causes the following splat.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-40980"
},
{
"cve": "CVE-2024-40983",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tipc: possible crash before doing decryption.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-40983"
},
{
"cve": "CVE-2024-40984",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "ACPICA: Revert \"ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\"",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-40984"
},
{
"cve": "CVE-2024-40990",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ptp: integer overflow in max_vclocks_store.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-40990"
},
{
"cve": "CVE-2024-40995",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/sched: act_api: possible infinite loop in tcf_idr_check_alloc().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-40995"
},
{
"cve": "CVE-2024-41000",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41000"
},
{
"cve": "CVE-2024-41004",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tracing: Build event generation tests only as modules The kprobes and synth event generation test modules add events and lock (get a reference) those event file reference in module init function, and unlock and delete it in module exit function. This is because those are designed for playing as modules. If we make those modules as built-in, those events are left locked in the kernel, and never be removed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41004"
},
{
"cve": "CVE-2024-41005",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "netpoll: race condition in netpoll_owner_active KCSAN detected a race condition in netpoll.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41005"
},
{
"cve": "CVE-2024-41006",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "summary",
"text": "netrom: a memory leak in nr_heartbeat_expiry().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41006"
},
{
"cve": "CVE-2024-41007",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "tcp: avoid too many retransmit packets If a TCP socket is using TCP_USER_TIMEOUT.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41007"
},
{
"cve": "CVE-2024-41009",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "bpf: Fix overrunning reservations in ringbuf.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41009"
},
{
"cve": "CVE-2024-41012",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "filelock: Remove locks reliably when fcntl/close race is detected When fcntl_setlk() races with close(), it removes the created lock with do_lock_file_wait().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41012"
},
{
"cve": "CVE-2024-41020",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "filelock: race condition vulnerability between fcntl and close operations, which can lead to issues in the recovery compatibility path.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41020"
},
{
"cve": "CVE-2024-41035",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "USB: core: duplicate endpoint bug.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41035"
},
{
"cve": "CVE-2024-41040",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/sched: UAF when resolving a clash.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41040"
},
{
"cve": "CVE-2024-41041",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "udp: small race window.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41041"
},
{
"cve": "CVE-2024-41044",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ppp: claimed-as-LCP but actually malformed packets.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41044"
},
{
"cve": "CVE-2024-41046",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix double free in detach The number of the currently released descriptor is never incremented which results in the same skb being released multiple times.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41046"
},
{
"cve": "CVE-2024-41049",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: filelock: fix potential use-after-free in posix_lock_inode Light Hsieh reported a KASAN UAF warning in trace_posix_lock_inode(). The request pointer had been changed earlier to point to a lock entry that was added to the inode\u0027s list. However, before the tracepoint could fire, another task raced in and freed that lock. Fix this by moving the tracepoint inside the spinlock, which should ensure that this doesn\u0027t happen.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41049"
},
{
"cve": "CVE-2024-41055",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: mm: prevent derefencing NULL ptr in pfn_section_valid() Commit 5ec8e8ea8b77 (\"mm/sparsemem: fix race in accessing memory_section-\u003eusage\") changed pfn_section_valid() to add a READ_ONCE() call around \"ms-\u003eusage\" to fix a race with section_deactivate() where ms-\u003eusage can be cleared. The READ_ONCE() call, by itself, is not enough to prevent NULL pointer dereference. We need to check its value before dereferencing it.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41055"
},
{
"cve": "CVE-2024-41077",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "null_blk: validation error on block size.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41077"
},
{
"cve": "CVE-2024-41081",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ila: block BH in ila_output().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41081"
},
{
"cve": "CVE-2024-41087",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ata: libata-core: double free on error.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41087"
},
{
"cve": "CVE-2024-41090",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tap: add missing verification for short frame. Missing to check against the validity of the frame length in the tap_get_user_xdp() path, which could cause a corrupted skb to be sent downstack. Even before the skb is transmitted, the tap_get_user_xdp()--\u003eskb_set_network_header() may assume the size is more than ETH_HLEN. Once transmitted, this could either cause out-of-bound access beyond the actual length, or confuse the underlayer with incorrect or inconsistent header length in the skb metadata.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41090"
},
{
"cve": "CVE-2024-41091",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tun: add missing verification for short frame. Missing to check against the validity of the frame length in the tun_xdp_one() path could cause a corrupted skb to be sent downstack. Even before the skb is transmitted, the tun_xdp_one--\u003eeth_type_trans() may access the Ethernet header although it can be less than ETH_HLEN. Once transmitted, this could either causeout-of-bound access beyond the actual length, or confuse the underlayer with incorrect or inconsistent header length in the skb metadata.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41091"
},
{
"cve": "CVE-2024-41097",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "usb: atm: cxacru: incomplete endpoint checking in cxacru_bind().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-41097"
},
{
"cve": "CVE-2024-42070",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is conditional, however, the datatype is always either NFT_DATA_VALUE or NFT_DATA_VERDICT. This only requires a new helper function to infer the register type from the set datatype so this conditional check can be removed. Otherwise, pointer to chain object can be leaked through the registers.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42070"
},
{
"cve": "CVE-2024-42076",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: can: j1939: unused data in j1939_send_one().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42076"
},
{
"cve": "CVE-2024-42082",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "xdp: unused WARN() in __xdp_reg_mem_model().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42082"
},
{
"cve": "CVE-2024-42084",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ftruncate: passing a negative length accidentally succeeds in truncating to file size between 2GiB and 4GiB.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42084"
},
{
"cve": "CVE-2024-42086",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "iio: chemical: bme680: overflows in compensate() functions.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42086"
},
{
"cve": "CVE-2024-42089",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: fsl-asoc-card: set priv-\u003epdev before using it\n\npriv-\u003epdev pointer was set after being used in\nfsl_asoc_card_audmux_init().\nMove this assignment at the start of the probe function, so\nsub-functions can correctly use pdev through priv.\n\nfsl_asoc_card_audmux_init() dereferences priv-\u003epdev to get access to the\ndev struct, used with dev_err macros.\nAs priv is zero-initialised, there would be a NULL pointer dereference.\nNote that if priv-\u003edev is dereferenced before assignment but never used,\nfor example if there is no error to be printed, the driver won\u0027t crash\nprobably due to compiler optimisations.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42089"
},
{
"cve": "CVE-2024-42092",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "gpio: davinci: There can be out of chips-\u003eirqs array boundaries access in davinci_gpio_probe().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42092"
},
{
"cve": "CVE-2024-42093",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/dpaa2: explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack can cause potential stack overflow.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42093"
},
{
"cve": "CVE-2024-42094",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/iucv: explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack can cause potential stack overflow.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42094"
},
{
"cve": "CVE-2024-42095",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "serial: 8250_omap: Erroneous timeout can be triggered, and it may lead to storm of interrupts.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42095"
},
{
"cve": "CVE-2024-42102",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again\"\n\nPatch series \"mm: Avoid possible overflows in dirty throttling\".\n\nDirty throttling logic assumes dirty limits in page units fit into\n32-bits. This patch series makes sure this is true (see patch 2/2 for\nmore details).\n\n\nThis patch (of 2):\n\nThis reverts commit 9319b647902cbd5cc884ac08a8a6d54ce111fc78.\n\nThe commit is broken in several ways. Firstly, the removed (u64) cast\nfrom the multiplication will introduce a multiplication overflow on 32-bit\narchs if wb_thresh * bg_thresh \u003e= 1\u003c\u003c32 (which is actually common - the\ndefault settings with 4GB of RAM will trigger this). Secondly, the\ndiv64_u64() is unnecessarily expensive on 32-bit archs. We have\ndiv64_ul() in case we want to be safe \u0026 cheap. Thirdly, if dirty\nthresholds are larger than 1\u003c\u003c32 pages, then dirty balancing is going to\nblow up in many other spectacular ways anyway so trying to fix one\npossible overflow is just moot.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42102"
},
{
"cve": "CVE-2024-42106",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: inet_diag: Initialize pad field in struct inet_diag_req_v2.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42106"
},
{
"cve": "CVE-2024-42131",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with assumptions that dirty limits in PAGE_SIZE units fit into 32-bit (so that various multiplications fit into 64-bits). If limits end up being larger, we will hit overflows, possible divisions by 0 etc. Fix these problems by never allowing so large dirty limits as they have dubious practical value anyway. For dirty_bytes / dirty_background_bytes interfaces we can just refuse to set so large limits. For dirty_ratio / dirty_background_ratio it isn\u0027t so simple as the dirty limit is computed from the amount of available memory which can change due to memory hotplug etc. So when converting dirty limits from ratios to numbers of pages, we just don\u0027t allow the result to exceed UINT_MAX. This is root-only triggerable problem which occurs when the operator sets dirty limits to \u003e16 TB.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42131"
},
{
"cve": "CVE-2024-42145",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "IB/core: an unbounded UMAD receive list, poses a risk of uncontrolled growth.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42145"
},
{
"cve": "CVE-2024-42148",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bnx2x: multiple UBSAN array-index-out-of-bounds.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42148"
},
{
"cve": "CVE-2024-42152",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "nvmet: possible leak when destroy a ctrl during qp establishment.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42152"
},
{
"cve": "CVE-2024-42153",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "i2c: pnx: potential deadlock warning from del_timer_sync() call in isr.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42153"
},
{
"cve": "CVE-2024-42154",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don\u0027t see anything checking that TCP_METRICS_ATTR_SADDR_IPV4 is at least 4 bytes long, and the policy doesn\u0027t have an entry for this attribute at all (neither does it for IPv6 but v6 is manually validated).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42154"
},
{
"cve": "CVE-2024-42161",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42161"
},
{
"cve": "CVE-2024-42223",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "media: dvb-frontends: tda10048: integer overflow state-\u003extal_hz can be up to 16M, so it can overflow a 32 bit integer when multiplied by pll_mfactor.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42223"
},
{
"cve": "CVE-2024-42229",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "crypto: aead,cipher - key buffer after use not zeroized.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42229"
},
{
"cve": "CVE-2024-42232",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "libceph: fix race between delayed_work() and ceph_monc_stop() The way the delayed work is handled in ceph_monc_stop() is prone to races with mon_fault() and possibly also finish_hunting(). Both of these can requeue the delayed work which wouldn\u0027t be canceled by any of the following code in case that happens after cancel_delayed_work_sync() runs -- __close_session() doesn\u0027t mess with the delayed work in order to avoid interfering with the hunting interval logic. This part was missed in(libceph: behave in mon_fault() if cur_mon \u003c \") and use-after-free can still ensue on monc and objects that hang off of it, with monc-\u003e auth and monc-\u003emonmap being particularly susceptible to quickly being reused.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42232"
},
{
"cve": "CVE-2024-42236",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "usb: gadget: configfs: OOB read/write in usb_string_copy().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42236"
},
{
"cve": "CVE-2024-42244",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "USB: serial: mos7840: fix crash on resume Since(\"USB: serial: use generic method if no alternative is provided in usb serial layer\"), USB serial core calls the generic resume implementation when the driver has not provided one. This can trigger a crash on resume with mos7840 since support for multiple read URBs was added back in 2011. Specifically, both port read URBs are now submitted on resume for open ports, but the context pointer of the second URB is left set to the core rather than mos7840 port structure.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42244"
},
{
"cve": "CVE-2024-42247",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wireguard: allowedips: unaligned 64-bit memory accesses.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-42247"
},
{
"cve": "CVE-2024-43861",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: usb: qmi_wwan: memory leak for not ip packets.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-43861"
},
{
"cve": "CVE-2024-43871",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), fixed by using devres_release() instead of devres_destroy() within devm_free_percpu().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-43871"
},
{
"cve": "CVE-2024-43880",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "mlxsw: spectrum_acl_erp: object nesting warning.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-43880"
},
{
"cve": "CVE-2024-43882",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "exec: the execution may gain unintended privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-43882"
},
{
"cve": "CVE-2024-43883",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "usb: vhci-hcd: vulnerability due to the vhci-hcd driver dropping references before new ones were gained, potentially leading to the use of stale pointers.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-43883"
},
{
"cve": "CVE-2024-43889",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "padata: vulnerability due to a possible divide-by-zero error in padata_mt_helper() during bootup, caused by an uninitialized chunk_size being zero.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-43889"
},
{
"cve": "CVE-2024-43890",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tracing: vulnerability due to an overflow in get_free_elt(), which could lead to infinite loops and CPU hangs when the tracing map becomes full.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-43890"
},
{
"cve": "CVE-2024-43893",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "serial: core: vulnerability due to a missing check for uartclk being zero, leading to a potential divide-by-zero error when calling ioctl TIOCSSERIAL with an invalid baud_base.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-43893"
},
{
"cve": "CVE-2024-44935",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "sctp: Fix null-ptr-deref in reuseport_add_sock(). A Null Pointer Dereference in reuseport_add_sock() while accessing sk2-\u003esk_reuseport_cb . The repro first creates a listener with SO_REUSEPORT. Then, it creates another listener on the same port and concurrently closes the first listener. The second listen() calls reuseport_add_sock() with the first listener as sk2, where sk2-\u003esk_reuseport_cb is not expected to be cleared concurrently, but the close() does clear it by reuseport_detach_sock().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-44935"
},
{
"cve": "CVE-2024-44944",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nf_expect_get_id() helper function to calculate the expectation ID, otherwise LSB of the expectation object address is leaked to userspace.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-44944"
},
{
"cve": "CVE-2024-44949",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "parisc: fix a possible DMA corruption ARCH_DMA_MINALIGN was defined as 16 - this is too small - it may be possible that two unrelated 16-byte allocations share a cache line. If one of these allocations is written using DMA and the other is written using cached write, the value that was written with DMA may be corrupted.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-44949"
},
{
"cve": "CVE-2024-44960",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "usb: gadget: core: Check for unset descriptor. It needs to be reassured that the descriptor has been set before looking at maxpacket. This fixes a null pointer panic in this case. This may happen if the gadget doesn\u0027t properly set up the endpoint for the current speed, or the gadget descriptors are malformed and the descriptor for the speed/endpoint are not found. No current gadget driver is known to have this problem, but this may cause a hard-to-find bug during development of new gadgets.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-44960"
},
{
"cve": "CVE-2024-44971",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "net: dsa: bcm_sf2: vulnerability caused a memory leak by not decrementing the reference count after finding and removing PHY devices, which has been fixed by adding a call to phy_device_free() to balance the reference count.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-44971"
},
{
"cve": "CVE-2024-44987",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6_send_skb().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-44987"
},
{
"cve": "CVE-2024-44989",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm real_dev null pointer dereference.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-44989"
},
{
"cve": "CVE-2024-44990",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: bonding: fix null pointer deref in bond_ipsec_offload_ok We must check if there is an active slave before dereferencing the pointer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-44990"
},
{
"cve": "CVE-2024-44995",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: hns3: a deadlock problem when config TC during resetting.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-44995"
},
{
"cve": "CVE-2024-44998",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "atm: idt77252: use after free in dequeue_rx().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-44998"
},
{
"cve": "CVE-2024-44999",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "gtp: missing network headers in gtp_dev_xmit().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-44999"
},
{
"cve": "CVE-2024-45003",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "vfs: Some filesystems(eg. ext4 with ea_inode feature, ubifs with xattr) may do inode lookup in the inode evicting callback function, if the inode lookup is operated under the inode lru traversing context, deadlock problems may happen.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-45003"
},
{
"cve": "CVE-2024-45006",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "xhci: Panther point NULL pointer deref at full-speed re-enumeration.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-45006"
},
{
"cve": "CVE-2024-45008",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Input: missing limit on max slots results in too large allocation at input_mt_init_slots().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-45008"
},
{
"cve": "CVE-2024-45021",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "memcg_write_event_control(): a user-triggerable oops.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-45021"
},
{
"cve": "CVE-2024-45025",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE copy_fd_bitmaps.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-45025"
},
{
"cve": "CVE-2024-45490",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-45490"
},
{
"cve": "CVE-2024-45491",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45492",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-46674",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "usb: dwc3: st: fix probed platform device ref count on probe error path. The probe function never performs any paltform device allocation, thus error path \"undo_platform_dev_alloc\" is entirely bogus. It drops the reference count from the platform device being probed. If error path is triggered, this will lead to unbalanced device reference counts and premature release of device resources, thus possible use-after-free when releasing remaining devm-managed resources.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-46674"
},
{
"cve": "CVE-2024-46675",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "usb: dwc3: core: A vulnerability where the USB core could access an invalid event buffer address during runtime suspend, potentially causing SMMU faults and other memory issues in Exynos platforms.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-46675"
},
{
"cve": "CVE-2024-46676",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "nfc: pn533: Add poll mod list filling check. In case of im_protocols value is 1 and tm_protocols value is 0 this combination successfully passes the check \u0027if (!im_protocols \u0026\u0026 !tm_protocols)\u0027 in the nfc_start_poll(). But then after pn533_poll_create_mod_list() call in pn533_start_poll() poll mod list will remain empty and dev-\u003epoll_mod_count will remain 0 which lead to division by zero.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-46676"
},
{
"cve": "CVE-2024-46677",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "gtp: fix NULL pointer dereference. When sockfd_lookup() fails, gtp_encap_enable_socket() returns a NULL pointer, but its callers only check for error pointers thus miss the NULL pointer case.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-46677"
},
{
"cve": "CVE-2024-46679",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ethtool: check device is present when getting link settings.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-46679"
},
{
"cve": "CVE-2024-46685",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "pinctrl: single: fix NULL dereference in pcs_get_function(). pinmux_generic_get_function() can return NULL and the pointer \u0027function\u0027 was dereferenced without checking against NULL.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-46685"
},
{
"cve": "CVE-2024-46689",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protected by XPU. XPU may sometime falsely detect clean cache eviction as \"write\" into the write protected region leading to secure interrupt which causes an endless loop somewhere in Trust Zone.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"5"
],
"known_not_affected": [
"3"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"2",
"5"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977557/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"2",
"5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Misinformed",
"product_ids": [
"3"
]
}
],
"title": "CVE-2024-46689"
}
]
}
SSA-769027
Vulnerability from csaf_siemens - Published: 2025-02-11 00:00 - Updated: 2025-02-11 00:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
Siemens / SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
|
6GK5762-1AJ00-6AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
Siemens / SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)
|
6GK5763-1AL00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
Siemens / SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)
|
6GK5763-1AL00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
Siemens / SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)
|
6GK5766-1GE00-7DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
Siemens / SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)
|
6GK5766-1GE00-7TC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
Siemens / SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)
|
6GK5762-1AJ00-1AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
Siemens / SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)
|
6GK5762-1AJ00-2AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)
|
6GK5763-1AL00-3AB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
Siemens / SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)
|
6GK5763-1AL00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
Siemens / SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)
|
6GK5766-1GE00-3DC0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:all/<V3.0.0 |
Vendor Fix
fix
|
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "SCALANCE W-700 IEEE 802.11ax family devices are affected by multiple vulnerabilities.\n\nSiemens has released new versions for the affected products and recommends to update to the latest versions.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-769027: Multiple Vulnerabilities fixed in SCALANCE W700 IEEE 802.11ax devices before V3.0.0 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-769027.html"
},
{
"category": "self",
"summary": "SSA-769027: Multiple Vulnerabilities fixed in SCALANCE W700 IEEE 802.11ax devices before V3.0.0 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-769027.json"
}
],
"title": "SSA-769027: Multiple Vulnerabilities fixed in SCALANCE W700 IEEE 802.11ax devices before V3.0.0",
"tracking": {
"current_release_date": "2025-02-11T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-769027",
"initial_release_date": "2025-02-11T00:00:00Z",
"revision_history": [
{
"date": "2025-02-11T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "interim",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)",
"product_id": "1",
"product_identification_helper": {
"model_numbers": [
"6GK5762-1AJ00-6AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)",
"product_id": "2",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-7DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)",
"product_id": "3",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-7DC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)",
"product_id": "4",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-7DB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)",
"product_id": "5",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)",
"product_id": "6",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7DC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)",
"product_id": "7",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7DB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)",
"product_id": "8",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)",
"product_id": "9",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7TC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)",
"product_id": "10",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7TB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)",
"product_id": "11",
"product_identification_helper": {
"model_numbers": [
"6GK5762-1AJ00-1AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)",
"product_id": "12",
"product_identification_helper": {
"model_numbers": [
"6GK5762-1AJ00-2AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)",
"product_id": "13",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-3AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)",
"product_id": "14",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-3DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)",
"product_id": "15",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-3AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)",
"product_id": "16",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-3DB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)",
"product_id": "17",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-3DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)",
"product_id": "18",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-3DC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV3.0.0",
"product": {
"name": "SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)",
"product_id": "19",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-3DB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2588",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2022-2588"
},
{
"cve": "CVE-2022-2663",
"cwe": {
"id": "CWE-923",
"name": "Improper Restriction of Communication Channel to Intended Endpoints"
},
"notes": [
{
"category": "summary",
"text": "An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2022-2663"
},
{
"cve": "CVE-2022-3524",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2022-3524"
},
{
"cve": "CVE-2022-4304",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "summary",
"text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2022-39188",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2022-39188"
},
{
"cve": "CVE-2022-39842",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can actually happen.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2022-39842"
},
{
"cve": "CVE-2022-40303",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2022-40303"
},
{
"cve": "CVE-2022-40304",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2022-40304"
},
{
"cve": "CVE-2022-43750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor\u0027s internal memory.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2022-43750"
},
{
"cve": "CVE-2022-47069",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCd(bool) at CPP/7zip/Archive/Zip/ZipIn.cpp.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2022-47069"
},
{
"cve": "CVE-2022-47929",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with \"tc qdisc\" and \"tc class\" commands. This affects qdisc_graft in net/sched/sch_api.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2022-47929"
},
{
"cve": "CVE-2023-0045",
"cwe": {
"id": "CWE-610",
"name": "Externally Controlled Reference to a Resource in Another Sphere"
},
"notes": [
{
"category": "summary",
"text": "The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set \u00a0function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall. \u00a0The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176.\n\nWe recommend upgrading past commit\u00a0a664ec9158eeddd75121d39c9a0758016097fa96",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-0045"
},
{
"cve": "CVE-2023-0215",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2023-0286",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "summary",
"text": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2023-0464",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing the `-policy` argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()` function.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-0464"
},
{
"cve": "CVE-2023-0465",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "Applications that use a non-default option when verifying certificates may be\r\nvulnerable to an attack from a malicious CA to circumvent certain checks.\r\n\r\nInvalid certificate policies in leaf certificates are silently ignored by\r\nOpenSSL and other certificate policy checks are skipped for that certificate.\r\nA malicious CA could use this to deliberately assert invalid certificate policies\r\nin order to circumvent policy checking on the certificate altogether.\r\n\r\nPolicy processing is disabled by default but can be enabled by passing\r\nthe `-policy` argument to the command line utilities or by calling the\r\n`X509_VERIFY_PARAM_set1_policies()` function.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-0465"
},
{
"cve": "CVE-2023-0466",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "The function X509_VERIFY_PARAM_add0_policy() is documented to\r\nimplicitly enable the certificate policy check when doing certificate\r\nverification. However the implementation of the function does not\r\nenable the check which allows certificates with invalid or incorrect\r\npolicies to pass the certificate verification.\r\n\r\nAs suddenly enabling the policy check could break existing deployments it was\r\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\r\nfunction.\r\n\r\nInstead the applications that require OpenSSL to perform certificate\r\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\r\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\r\nthe X509_V_FLAG_POLICY_CHECK flag argument.\r\n\r\nCertificate policy checks are disabled by default in OpenSSL and are not\r\ncommonly used by applications.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-0466"
},
{
"cve": "CVE-2023-0590",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-0590"
},
{
"cve": "CVE-2023-1073",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "A memory corruption flaw was found in the Linux kernel\u2019s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-1073"
},
{
"cve": "CVE-2023-1074",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "A memory leak flaw was found in the Linux kernel\u0027s Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-1074"
},
{
"cve": "CVE-2023-1118",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-1118"
},
{
"cve": "CVE-2023-1206",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel\u2019s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-1206"
},
{
"cve": "CVE-2023-1380",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info-\u003ereq_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-1380"
},
{
"cve": "CVE-2023-1670",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-1670"
},
{
"cve": "CVE-2023-2194",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An out-of-bounds write vulnerability was found in the Linux kernel\u0027s SLIMpro I2C device driver. The userspace \"data-\u003eblock[0]\" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-2194"
},
{
"cve": "CVE-2023-3446",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "summary",
"text": "Checking excessively long DH keys or parameters may be very slow. Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus (\u0027p\u0027 parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \u0027-check\u0027 option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-3446"
},
{
"cve": "CVE-2023-3611",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An out-of-bounds write vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-3611"
},
{
"cve": "CVE-2023-4623",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-4623"
},
{
"cve": "CVE-2023-4921",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\n\nWhen the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().\n\nWe recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-4921"
},
{
"cve": "CVE-2023-5363",
"cwe": {
"id": "CWE-684",
"name": "Incorrect Provision of Specified Functionality"
},
"notes": [
{
"category": "summary",
"text": "A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes.\r\n\r\nWhen calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after the key and IV have been established. Any alterations to the key length, via the \"keylen\" parameter or the IV length, via the \"ivlen\" parameter, within the OSSL_PARAM array will not take effect as intended, potentially causing truncation or overreading of these values. The following ciphers and cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB.\r\n\r\nFor the CCM, GCM and OCB cipher modes, truncation of the IV can result in loss of confidentiality. For example, when following NIST\u0027s SP 800-38D section 8.2.1 guidance for constructing a deterministic IV for AES in GCM mode, truncation of the counter portion could lead to IV reuse.\r\n\r\nBoth truncations and overruns of the key and overruns of the IV will produce incorrect results and could, in some cases, trigger a memory exception. However, these issues are not currently assessed as security critical.\r\n\r\nChanging the key and/or IV lengths is not considered to be a common operation and the vulnerable API was recently introduced. Furthermore it is likely that application developers will have spotted this problem during testing since decryption would fail unless both peers in the communication were similarly vulnerable. For these reasons we expect the probability of an application being vulnerable to this to be quite low. However if an application is vulnerable then this issue is considered very serious. For these reasons we have assessed this issue as Moderate severity overall.\r\n\r\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\r\n\r\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because the issue lies outside of the FIPS provider boundary.\r\n\r\nOpenSSL 3.1 and 3.0 are vulnerable to this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-5363"
},
{
"cve": "CVE-2023-5678",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "summary",
"text": "Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn\u0027t make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn\u0027t check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-5678"
},
{
"cve": "CVE-2023-5717",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\r\n\r\nIf perf_read_group() is called while an event\u0027s sibling_list is smaller than its child\u0027s sibling_list, it can increment or write to memory locations outside of the allocated buffer.\r\n\r\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-5717"
},
{
"cve": "CVE-2023-6129",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "The POLY1305 MAC (message authentication code) implementation\r\ncontains a bug that might corrupt the internal state of applications running\r\non PowerPC CPU based platforms if the CPU provides vector instructions.\r\n\r\nIf an attacker can influence whether the POLY1305 MAC\r\nalgorithm is used, the application state might be corrupted with various\r\napplication dependent consequences.\r\n\r\nThe POLY1305 MAC (message authentication code) implementation in OpenSSL for\r\nPowerPC CPUs restores the contents of vector registers in a different order\r\nthan they are saved. Thus the contents of some of these vector registers\r\nare corrupted when returning to the caller. The vulnerable code is used only\r\non newer PowerPC processors supporting the PowerISA 2.07 instructions.\r\n\r\nThe consequences of this kind of internal application state corruption can\r\nbe various - from no consequences, if the calling application does not\r\ndepend on the contents of non-volatile XMM registers at all, to the worst\r\nconsequences, where the attacker could get complete control of the application\r\nprocess. However unless the compiler uses the vector registers for storing\r\npointers, the most likely consequence, if any, would be an incorrect result\r\nof some application dependent calculations or a crash leading to a denial of\r\nservice.\r\n\r\nThe POLY1305 MAC algorithm is most frequently used as part of the\r\nCHACHA20-POLY1305 AEAD (authenticated encryption with associated data)\r\nalgorithm. The most common usage of this AEAD cipher is with TLS protocol\r\nversions 1.2 and 1.3. If this cipher is enabled on the server a malicious\r\nclient can influence whether this AEAD cipher is used. This implies that\r\nTLS server applications using OpenSSL can be potentially impacted. However\r\nwe are currently not aware of any concrete application that would be affected\r\nby this issue therefore we consider this a Low severity security issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-6129"
},
{
"cve": "CVE-2023-6237",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "Checking excessively long invalid RSA public keys may take a long time. Applications that use the function EVP_PKEY_public_check() to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may lead to a Denial of Service. When function EVP_PKEY_public_check() is called on RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is an overly large prime, then this computation would take a long time. An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function EVP_PKEY_public_check() is not called from other OpenSSL functions however it is called from the OpenSSL pkey command line application. For that reason that application is also vulnerable if used with the \u0027-pubin\u0027 and \u0027-check\u0027 options on untrusted data. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-6237"
},
{
"cve": "CVE-2023-7250",
"cwe": {
"id": "CWE-183",
"name": "Permissive List of Allowed Inputs"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection gets closed. This will prevent other connections to the server, leading to a denial of service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-7250"
},
{
"cve": "CVE-2023-23454",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "summary",
"text": "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-23454"
},
{
"cve": "CVE-2023-23455",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "summary",
"text": "atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-23455"
},
{
"cve": "CVE-2023-23559",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-23559"
},
{
"cve": "CVE-2023-26545",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-26545"
},
{
"cve": "CVE-2023-28484",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-28484"
},
{
"cve": "CVE-2023-28578",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Memory corruption in Core Services while executing the command for removing a single event listener.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-28578"
},
{
"cve": "CVE-2023-29469",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the \u0027\\0\u0027 value).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-29469"
},
{
"cve": "CVE-2023-31085",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd-\u003eerasesize), used indirectly by ctrl_cdev_ioctl, when mtd-\u003eerasesize is 0.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-31085"
},
{
"cve": "CVE-2023-31315",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-31315"
},
{
"cve": "CVE-2023-35001",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-35001"
},
{
"cve": "CVE-2023-39192",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-39192"
},
{
"cve": "CVE-2023-39193",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-39193"
},
{
"cve": "CVE-2023-42754",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-42754"
},
{
"cve": "CVE-2023-43522",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-43522"
},
{
"cve": "CVE-2023-44320",
"cwe": {
"id": "CWE-425",
"name": "Direct Request (\u0027Forced Browsing\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Affected devices do not properly validate the authentication when performing certain modifications in the web interface allowing an authenticated attacker to influence the user interface configured by an administrator.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-44320"
},
{
"cve": "CVE-2023-44322",
"cwe": {
"id": "CWE-252",
"name": "Unchecked Return Value"
},
"notes": [
{
"category": "summary",
"text": "Affected devices can be configured to send emails when certain events occur on the device. When presented with an invalid response from the SMTP server, the device triggers an error that disrupts email sending. An attacker with access to the network can use this to do disable notification of users when certain events occur.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-44322"
},
{
"cve": "CVE-2023-45853",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-45853"
},
{
"cve": "CVE-2023-45863",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-45863"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"notes": [
{
"category": "summary",
"text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust; and there could be effects on Bitvise SSH through 9.31.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-51384",
"cwe": {
"id": "CWE-304",
"name": "Missing Critical Step in Authentication"
},
"notes": [
{
"category": "summary",
"text": "In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-51384"
},
{
"cve": "CVE-2023-51385",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2023-51385"
},
{
"cve": "CVE-2024-0727",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2024-0727"
},
{
"cve": "CVE-2024-2511",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions. An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2024-2511"
},
{
"cve": "CVE-2024-4603",
"cwe": {
"id": "CWE-834",
"name": "Excessive Iteration"
},
"notes": [
{
"category": "summary",
"text": "Checking excessively long DSA keys or parameters may be very slow. Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform various checks on DSA parameters. Some of those computations take a long time if the modulus (`p` parameter) is too large. Trying to use a very large modulus is slow and OpenSSL will not allow using public keys with a modulus which is over 10,000 bits in length for signature verification. However the key and parameter check functions do not limit the modulus size when performing the checks. An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. These functions are not called by OpenSSL itself on untrusted DSA keys so only applications that directly call these functions may be vulnerable. Also vulnerable are the OpenSSL pkey and pkeyparam command line applications when using the `-check` option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2024-4603"
},
{
"cve": "CVE-2024-4741",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "Calling the OpenSSL API function SSL_free_buffers may cause memory to be accessed that was previously freed in some situations",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2024-4741"
},
{
"cve": "CVE-2024-5535",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a \"no overlap\" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-6119",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of service. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address when comparing the expected name with an `otherName` subject alternative name of an X.509 certificate. This may result in an exception that terminates the application program. Note that basic certificate chain validation (signatures, dates, ...) is not affected, the denial of service can occur only when the application also specifies an expected DNS name, Email address or IP address. TLS servers rarely solicit client certificates, and even when they do, they generally don\u0027t perform a name check against a reference identifier (expected identity), but rather extract the presented identity after checking the certificate chain. So TLS servers are generally not affected and the severity of the issue is Moderate. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-9143",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Use of the low-level GF(2m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes. Impact summary: Out of bound memory writes can lead to an application crash or even a possibility of a remote code execution, however, in all the protocols involving Elliptic Curve Cryptography that we\u0027re aware of, either only \"named curves\" are supported, or, if explicit curve parameters are supported, they specify an X9.62 encoding of binary (GF(2m)) curves that can\u0027t represent problematic input values. Thus the likelihood of existence of a vulnerable application is low. In particular, the X9.62 encoding is used for ECC keys in X.509 certificates, so problematic inputs cannot occur in the context of processing X.509 certificates. Any problematic use-cases would have to be using an \"exotic\" curve encoding. The affected APIs include: EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(), and various supporting BN_GF2m_*() functions. Applications working with \"exotic\" explicit binary (GF(2m)) curve parameters, that make it possible to represent invalid field polynomials with a zero constant term, via the above or similar APIs, may terminate abruptly as a result of reading or writing outside of array bounds. Remote code execution cannot easily be ruled out. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2024-9143"
},
{
"cve": "CVE-2024-23814",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-assembly. This could allow an unauthenticated remote attacker to cause a temporary denial of service condition of the ICMP service, other communication services are not affected. Affected devices will resume normal operation after the attack terminates.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2024-23814"
},
{
"cve": "CVE-2024-26306",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"notes": [
{
"category": "summary",
"text": "iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. This side channel could be sufficient for an attacker to recover credential plaintext. It requires the attacker to send a large number of messages for decryption, as described in \"Everlasting ROBOT: the Marvin Attack\" by Hubert Kario.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2024-26306"
},
{
"cve": "CVE-2024-33016",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "memory corruption when an invalid firehose patch command is invoked.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2024-33016"
},
{
"cve": "CVE-2024-50560",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Affected devices truncates usernames longer than 15 characters when accessed via SSH or Telnet. This could allow an attacker to compromise system integrity.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2024-50560"
},
{
"cve": "CVE-2024-50561",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Affected devices do not properly sanitize the filenames before uploading. This could allow an authenticated remote attacker to compromise of integrity of the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2024-50561"
},
{
"cve": "CVE-2024-50572",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2024-50572"
},
{
"cve": "CVE-2025-24499",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Affected devices do not properly validate input while loading the configuration files. This could allow an authenticated remote attacker to execute arbitrary shell commands on the device.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2025-24499"
},
{
"cve": "CVE-2025-24532",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "summary",
"text": "Affected devices with role `user` is affected by incorrect authorization in SNMPv3 View configuration. This could allow an attacker to change the View Type of SNMPv3 Views.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109977720/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19"
]
}
],
"title": "CVE-2025-24532"
}
]
}
SUSE-SU-2024:3105-1
Vulnerability from csaf_suse - Published: 2024-09-03 15:00 - Updated: 2024-09-03 15:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libopenssl-3-devel-32bit-3.0.8-150500.5.42.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libopenssl3-32bit-3.0.8-150500.5.42.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:openssl-3-doc-3.0.8-150500.5.42.1.noarch | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3 fixes the following issues:\n\n- CVE-2024-6119: Fixed denial of service in X.509 name checks (bsc#1229465)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-3105,SUSE-SLE-Module-Basesystem-15-SP5-2024-3105,openSUSE-SLE-15.5-2024-3105",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3105-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:3105-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243105-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:3105-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-September/036767.html"
},
{
"category": "self",
"summary": "SUSE Bug 1229465",
"url": "https://bugzilla.suse.com/1229465"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6119 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6119/"
}
],
"title": "Security update for openssl-3",
"tracking": {
"current_release_date": "2024-09-03T15:00:24Z",
"generator": {
"date": "2024-09-03T15:00:24Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:3105-1",
"initial_release_date": "2024-09-03T15:00:24Z",
"revision_history": [
{
"date": "2024-09-03T15:00:24Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.aarch64",
"product": {
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.aarch64",
"product_id": "libopenssl-3-devel-3.0.8-150500.5.42.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150500.5.42.1.aarch64",
"product": {
"name": "libopenssl3-3.0.8-150500.5.42.1.aarch64",
"product_id": "libopenssl3-3.0.8-150500.5.42.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150500.5.42.1.aarch64",
"product": {
"name": "openssl-3-3.0.8-150500.5.42.1.aarch64",
"product_id": "openssl-3-3.0.8-150500.5.42.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-64bit-3.0.8-150500.5.42.1.aarch64_ilp32",
"product": {
"name": "libopenssl-3-devel-64bit-3.0.8-150500.5.42.1.aarch64_ilp32",
"product_id": "libopenssl-3-devel-64bit-3.0.8-150500.5.42.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl3-64bit-3.0.8-150500.5.42.1.aarch64_ilp32",
"product": {
"name": "libopenssl3-64bit-3.0.8-150500.5.42.1.aarch64_ilp32",
"product_id": "libopenssl3-64bit-3.0.8-150500.5.42.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.i586",
"product": {
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.i586",
"product_id": "libopenssl-3-devel-3.0.8-150500.5.42.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150500.5.42.1.i586",
"product": {
"name": "libopenssl3-3.0.8-150500.5.42.1.i586",
"product_id": "libopenssl3-3.0.8-150500.5.42.1.i586"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150500.5.42.1.i586",
"product": {
"name": "openssl-3-3.0.8-150500.5.42.1.i586",
"product_id": "openssl-3-3.0.8-150500.5.42.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-doc-3.0.8-150500.5.42.1.noarch",
"product": {
"name": "openssl-3-doc-3.0.8-150500.5.42.1.noarch",
"product_id": "openssl-3-doc-3.0.8-150500.5.42.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.ppc64le",
"product": {
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.ppc64le",
"product_id": "libopenssl-3-devel-3.0.8-150500.5.42.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150500.5.42.1.ppc64le",
"product": {
"name": "libopenssl3-3.0.8-150500.5.42.1.ppc64le",
"product_id": "libopenssl3-3.0.8-150500.5.42.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150500.5.42.1.ppc64le",
"product": {
"name": "openssl-3-3.0.8-150500.5.42.1.ppc64le",
"product_id": "openssl-3-3.0.8-150500.5.42.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.s390x",
"product": {
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.s390x",
"product_id": "libopenssl-3-devel-3.0.8-150500.5.42.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150500.5.42.1.s390x",
"product": {
"name": "libopenssl3-3.0.8-150500.5.42.1.s390x",
"product_id": "libopenssl3-3.0.8-150500.5.42.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150500.5.42.1.s390x",
"product": {
"name": "openssl-3-3.0.8-150500.5.42.1.s390x",
"product_id": "openssl-3-3.0.8-150500.5.42.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.x86_64",
"product": {
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.x86_64",
"product_id": "libopenssl-3-devel-3.0.8-150500.5.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-devel-32bit-3.0.8-150500.5.42.1.x86_64",
"product": {
"name": "libopenssl-3-devel-32bit-3.0.8-150500.5.42.1.x86_64",
"product_id": "libopenssl-3-devel-32bit-3.0.8-150500.5.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150500.5.42.1.x86_64",
"product": {
"name": "libopenssl3-3.0.8-150500.5.42.1.x86_64",
"product_id": "libopenssl3-3.0.8-150500.5.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-32bit-3.0.8-150500.5.42.1.x86_64",
"product": {
"name": "libopenssl3-32bit-3.0.8-150500.5.42.1.x86_64",
"product_id": "libopenssl3-32bit-3.0.8-150500.5.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150500.5.42.1.x86_64",
"product": {
"name": "openssl-3-3.0.8-150500.5.42.1.x86_64",
"product_id": "openssl-3-3.0.8-150500.5.42.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.42.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.42.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.42.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.42.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.42.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.ppc64le"
},
"product_reference": "libopenssl3-3.0.8-150500.5.42.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.42.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.s390x"
},
"product_reference": "libopenssl3-3.0.8-150500.5.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.42.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.42.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.aarch64"
},
"product_reference": "openssl-3-3.0.8-150500.5.42.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.42.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.ppc64le"
},
"product_reference": "openssl-3-3.0.8-150500.5.42.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.42.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.s390x"
},
"product_reference": "openssl-3-3.0.8-150500.5.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.42.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150500.5.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.42.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.42.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.42.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.42.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.42.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-32bit-3.0.8-150500.5.42.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libopenssl-3-devel-32bit-3.0.8-150500.5.42.1.x86_64"
},
"product_reference": "libopenssl-3-devel-32bit-3.0.8-150500.5.42.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.42.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.42.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.42.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.ppc64le"
},
"product_reference": "libopenssl3-3.0.8-150500.5.42.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.42.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.s390x"
},
"product_reference": "libopenssl3-3.0.8-150500.5.42.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.42.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.42.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-32bit-3.0.8-150500.5.42.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libopenssl3-32bit-3.0.8-150500.5.42.1.x86_64"
},
"product_reference": "libopenssl3-32bit-3.0.8-150500.5.42.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.42.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.aarch64"
},
"product_reference": "openssl-3-3.0.8-150500.5.42.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.42.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.ppc64le"
},
"product_reference": "openssl-3-3.0.8-150500.5.42.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.42.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.s390x"
},
"product_reference": "openssl-3-3.0.8-150500.5.42.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.42.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150500.5.42.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-doc-3.0.8-150500.5.42.1.noarch as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:openssl-3-doc-3.0.8-150500.5.42.1.noarch"
},
"product_reference": "openssl-3-doc-3.0.8-150500.5.42.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-6119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6119"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Applications performing certificate name checks (e.g., TLS\nclients checking server certificates) may attempt to read an invalid memory\naddress resulting in abnormal termination of the application process.\n\nImpact summary: Abnormal termination of an application can a cause a denial of\nservice.\n\nApplications performing certificate name checks (e.g., TLS clients checking\nserver certificates) may attempt to read an invalid memory address when\ncomparing the expected name with an `otherName` subject alternative name of an\nX.509 certificate. This may result in an exception that terminates the\napplication program.\n\nNote that basic certificate chain validation (signatures, dates, ...) is not\naffected, the denial of service can occur only when the application also\nspecifies an expected DNS name, Email address or IP address.\n\nTLS servers rarely solicit client certificates, and even when they do, they\ngenerally don\u0027t perform a name check against a reference identifier (expected\nidentity), but rather extract the presented identity after checking the\ncertificate chain. So TLS servers are generally not affected and the severity\nof the issue is Moderate.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.aarch64",
"openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.ppc64le",
"openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.s390x",
"openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:libopenssl-3-devel-32bit-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.aarch64",
"openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.ppc64le",
"openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.s390x",
"openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:libopenssl3-32bit-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.aarch64",
"openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.ppc64le",
"openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.s390x",
"openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:openssl-3-doc-3.0.8-150500.5.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6119",
"url": "https://www.suse.com/security/cve/CVE-2024-6119"
},
{
"category": "external",
"summary": "SUSE Bug 1229465 for CVE-2024-6119",
"url": "https://bugzilla.suse.com/1229465"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.aarch64",
"openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.ppc64le",
"openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.s390x",
"openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:libopenssl-3-devel-32bit-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.aarch64",
"openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.ppc64le",
"openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.s390x",
"openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:libopenssl3-32bit-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.aarch64",
"openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.ppc64le",
"openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.s390x",
"openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:openssl-3-doc-3.0.8-150500.5.42.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.42.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.42.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.aarch64",
"openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.ppc64le",
"openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.s390x",
"openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:libopenssl-3-devel-32bit-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.aarch64",
"openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.ppc64le",
"openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.s390x",
"openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:libopenssl3-32bit-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.aarch64",
"openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.ppc64le",
"openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.s390x",
"openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.42.1.x86_64",
"openSUSE Leap 15.5:openssl-3-doc-3.0.8-150500.5.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-09-03T15:00:24Z",
"details": "moderate"
}
],
"title": "CVE-2024-6119"
}
]
}
SUSE-SU-2024:3106-1
Vulnerability from csaf_suse - Published: 2024-09-03 15:00 - Updated: 2024-09-03 15:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-32bit-3.1.4-150600.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl-3-devel-32bit-3.1.4-150600.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libopenssl3-32bit-3.1.4-150600.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:openssl-3-doc-3.1.4-150600.5.15.1.noarch | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3 fixes the following issues:\n\n- CVE-2024-6119: Fixed denial of service in X.509 name checks (bsc#1229465)\n\nOther fixes: \n \n- FIPS: Deny SHA-1 signature verification in FIPS provider (bsc#1221365).\n- FIPS: RSA keygen PCT requirements.\n- FIPS: Check that the fips provider is available before setting\n it as the default provider in FIPS mode (bsc#1220523).\n- FIPS: Port openssl to use jitterentropy (bsc#1220523).\n- FIPS: Block non-Approved Elliptic Curves (bsc#1221786).\n- FIPS: Service Level Indicator (bsc#1221365).\n- FIPS: Output the FIPS-validation name and module version which uniquely\n identify the FIPS validated module (bsc#1221751).\n- FIPS: Add required selftests: (bsc#1221760).\n- FIPS: DH: Disable FIPS 186-4 Domain Parameters (bsc#1221821).\n- FIPS: Recommendation for Password-Based Key Derivation (bsc#1221827).\n- FIPS: Zero initialization required (bsc#1221752).\n- FIPS: Reseed DRBG (bsc#1220690, bsc#1220693, bsc#1220696).\n- FIPS: NIST SP 800-56Brev2 (bsc#1221824).\n- FIPS: Approved Modulus Sizes for RSA Digital Signature for FIPS 186-4 (bsc#1221787).\n- FIPS: Port openssl to use jitterentropy (bsc#1220523).\n- FIPS: NIST SP 800-56Arev3 (bsc#1221822).\n- FIPS: Error state has to be enforced (bsc#1221753).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-3106,SUSE-SLE-Module-Basesystem-15-SP6-2024-3106,openSUSE-SLE-15.6-2024-3106",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3106-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:3106-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243106-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:3106-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-September/036766.html"
},
{
"category": "self",
"summary": "SUSE Bug 1220523",
"url": "https://bugzilla.suse.com/1220523"
},
{
"category": "self",
"summary": "SUSE Bug 1220690",
"url": "https://bugzilla.suse.com/1220690"
},
{
"category": "self",
"summary": "SUSE Bug 1220693",
"url": "https://bugzilla.suse.com/1220693"
},
{
"category": "self",
"summary": "SUSE Bug 1220696",
"url": "https://bugzilla.suse.com/1220696"
},
{
"category": "self",
"summary": "SUSE Bug 1221365",
"url": "https://bugzilla.suse.com/1221365"
},
{
"category": "self",
"summary": "SUSE Bug 1221751",
"url": "https://bugzilla.suse.com/1221751"
},
{
"category": "self",
"summary": "SUSE Bug 1221752",
"url": "https://bugzilla.suse.com/1221752"
},
{
"category": "self",
"summary": "SUSE Bug 1221753",
"url": "https://bugzilla.suse.com/1221753"
},
{
"category": "self",
"summary": "SUSE Bug 1221760",
"url": "https://bugzilla.suse.com/1221760"
},
{
"category": "self",
"summary": "SUSE Bug 1221786",
"url": "https://bugzilla.suse.com/1221786"
},
{
"category": "self",
"summary": "SUSE Bug 1221787",
"url": "https://bugzilla.suse.com/1221787"
},
{
"category": "self",
"summary": "SUSE Bug 1221821",
"url": "https://bugzilla.suse.com/1221821"
},
{
"category": "self",
"summary": "SUSE Bug 1221822",
"url": "https://bugzilla.suse.com/1221822"
},
{
"category": "self",
"summary": "SUSE Bug 1221824",
"url": "https://bugzilla.suse.com/1221824"
},
{
"category": "self",
"summary": "SUSE Bug 1221827",
"url": "https://bugzilla.suse.com/1221827"
},
{
"category": "self",
"summary": "SUSE Bug 1229465",
"url": "https://bugzilla.suse.com/1229465"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6119 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6119/"
}
],
"title": "Security update for openssl-3",
"tracking": {
"current_release_date": "2024-09-03T15:00:41Z",
"generator": {
"date": "2024-09-03T15:00:41Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:3106-1",
"initial_release_date": "2024-09-03T15:00:41Z",
"revision_history": [
{
"date": "2024-09-03T15:00:41Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.aarch64",
"product": {
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.aarch64",
"product_id": "libopenssl-3-devel-3.1.4-150600.5.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64",
"product": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64",
"product_id": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.1.4-150600.5.15.1.aarch64",
"product": {
"name": "libopenssl3-3.1.4-150600.5.15.1.aarch64",
"product_id": "libopenssl3-3.1.4-150600.5.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.1.4-150600.5.15.1.aarch64",
"product": {
"name": "openssl-3-3.1.4-150600.5.15.1.aarch64",
"product_id": "openssl-3-3.1.4-150600.5.15.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-64bit-3.1.4-150600.5.15.1.aarch64_ilp32",
"product": {
"name": "libopenssl-3-devel-64bit-3.1.4-150600.5.15.1.aarch64_ilp32",
"product_id": "libopenssl-3-devel-64bit-3.1.4-150600.5.15.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-64bit-3.1.4-150600.5.15.1.aarch64_ilp32",
"product": {
"name": "libopenssl-3-fips-provider-64bit-3.1.4-150600.5.15.1.aarch64_ilp32",
"product_id": "libopenssl-3-fips-provider-64bit-3.1.4-150600.5.15.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl3-64bit-3.1.4-150600.5.15.1.aarch64_ilp32",
"product": {
"name": "libopenssl3-64bit-3.1.4-150600.5.15.1.aarch64_ilp32",
"product_id": "libopenssl3-64bit-3.1.4-150600.5.15.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.i586",
"product": {
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.i586",
"product_id": "libopenssl-3-devel-3.1.4-150600.5.15.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.i586",
"product": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.i586",
"product_id": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.1.4-150600.5.15.1.i586",
"product": {
"name": "libopenssl3-3.1.4-150600.5.15.1.i586",
"product_id": "libopenssl3-3.1.4-150600.5.15.1.i586"
}
},
{
"category": "product_version",
"name": "openssl-3-3.1.4-150600.5.15.1.i586",
"product": {
"name": "openssl-3-3.1.4-150600.5.15.1.i586",
"product_id": "openssl-3-3.1.4-150600.5.15.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-doc-3.1.4-150600.5.15.1.noarch",
"product": {
"name": "openssl-3-doc-3.1.4-150600.5.15.1.noarch",
"product_id": "openssl-3-doc-3.1.4-150600.5.15.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.ppc64le",
"product": {
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.ppc64le",
"product_id": "libopenssl-3-devel-3.1.4-150600.5.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le",
"product": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le",
"product_id": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.1.4-150600.5.15.1.ppc64le",
"product": {
"name": "libopenssl3-3.1.4-150600.5.15.1.ppc64le",
"product_id": "libopenssl3-3.1.4-150600.5.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-3-3.1.4-150600.5.15.1.ppc64le",
"product": {
"name": "openssl-3-3.1.4-150600.5.15.1.ppc64le",
"product_id": "openssl-3-3.1.4-150600.5.15.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.s390x",
"product": {
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.s390x",
"product_id": "libopenssl-3-devel-3.1.4-150600.5.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x",
"product": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x",
"product_id": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.1.4-150600.5.15.1.s390x",
"product": {
"name": "libopenssl3-3.1.4-150600.5.15.1.s390x",
"product_id": "libopenssl3-3.1.4-150600.5.15.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-3-3.1.4-150600.5.15.1.s390x",
"product": {
"name": "openssl-3-3.1.4-150600.5.15.1.s390x",
"product_id": "openssl-3-3.1.4-150600.5.15.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.x86_64",
"product": {
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.x86_64",
"product_id": "libopenssl-3-devel-3.1.4-150600.5.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-devel-32bit-3.1.4-150600.5.15.1.x86_64",
"product": {
"name": "libopenssl-3-devel-32bit-3.1.4-150600.5.15.1.x86_64",
"product_id": "libopenssl-3-devel-32bit-3.1.4-150600.5.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64",
"product": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64",
"product_id": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1.x86_64",
"product": {
"name": "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1.x86_64",
"product_id": "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.1.4-150600.5.15.1.x86_64",
"product": {
"name": "libopenssl3-3.1.4-150600.5.15.1.x86_64",
"product_id": "libopenssl3-3.1.4-150600.5.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-32bit-3.1.4-150600.5.15.1.x86_64",
"product": {
"name": "libopenssl3-32bit-3.1.4-150600.5.15.1.x86_64",
"product_id": "libopenssl3-32bit-3.1.4-150600.5.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.1.4-150600.5.15.1.x86_64",
"product": {
"name": "openssl-3-3.1.4-150600.5.15.1.x86_64",
"product_id": "openssl-3-3.1.4-150600.5.15.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.15.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.aarch64"
},
"product_reference": "libopenssl3-3.1.4-150600.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.15.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.ppc64le"
},
"product_reference": "libopenssl3-3.1.4-150600.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.15.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.s390x"
},
"product_reference": "libopenssl3-3.1.4-150600.5.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.15.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.x86_64"
},
"product_reference": "libopenssl3-3.1.4-150600.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-32bit-3.1.4-150600.5.15.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-32bit-3.1.4-150600.5.15.1.x86_64"
},
"product_reference": "libopenssl3-32bit-3.1.4-150600.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.15.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.aarch64"
},
"product_reference": "openssl-3-3.1.4-150600.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.15.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.ppc64le"
},
"product_reference": "openssl-3-3.1.4-150600.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.15.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.s390x"
},
"product_reference": "openssl-3-3.1.4-150600.5.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.15.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.x86_64"
},
"product_reference": "openssl-3-3.1.4-150600.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.15.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-32bit-3.1.4-150600.5.15.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl-3-devel-32bit-3.1.4-150600.5.15.1.x86_64"
},
"product_reference": "libopenssl-3-devel-32bit-3.1.4-150600.5.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.15.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.aarch64"
},
"product_reference": "libopenssl3-3.1.4-150600.5.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.15.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.ppc64le"
},
"product_reference": "libopenssl3-3.1.4-150600.5.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.15.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.s390x"
},
"product_reference": "libopenssl3-3.1.4-150600.5.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.15.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.x86_64"
},
"product_reference": "libopenssl3-3.1.4-150600.5.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-32bit-3.1.4-150600.5.15.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libopenssl3-32bit-3.1.4-150600.5.15.1.x86_64"
},
"product_reference": "libopenssl3-32bit-3.1.4-150600.5.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.15.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.aarch64"
},
"product_reference": "openssl-3-3.1.4-150600.5.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.15.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.ppc64le"
},
"product_reference": "openssl-3-3.1.4-150600.5.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.15.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.s390x"
},
"product_reference": "openssl-3-3.1.4-150600.5.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.15.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.x86_64"
},
"product_reference": "openssl-3-3.1.4-150600.5.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-doc-3.1.4-150600.5.15.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssl-3-doc-3.1.4-150600.5.15.1.noarch"
},
"product_reference": "openssl-3-doc-3.1.4-150600.5.15.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-6119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6119"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Applications performing certificate name checks (e.g., TLS\nclients checking server certificates) may attempt to read an invalid memory\naddress resulting in abnormal termination of the application process.\n\nImpact summary: Abnormal termination of an application can a cause a denial of\nservice.\n\nApplications performing certificate name checks (e.g., TLS clients checking\nserver certificates) may attempt to read an invalid memory address when\ncomparing the expected name with an `otherName` subject alternative name of an\nX.509 certificate. This may result in an exception that terminates the\napplication program.\n\nNote that basic certificate chain validation (signatures, dates, ...) is not\naffected, the denial of service can occur only when the application also\nspecifies an expected DNS name, Email address or IP address.\n\nTLS servers rarely solicit client certificates, and even when they do, they\ngenerally don\u0027t perform a name check against a reference identifier (expected\nidentity), but rather extract the presented identity after checking the\ncertificate chain. So TLS servers are generally not affected and the severity\nof the issue is Moderate.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-32bit-3.1.4-150600.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.aarch64",
"openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.ppc64le",
"openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.s390x",
"openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl-3-devel-32bit-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64",
"openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le",
"openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x",
"openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.aarch64",
"openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.ppc64le",
"openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.s390x",
"openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl3-32bit-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.aarch64",
"openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.ppc64le",
"openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.s390x",
"openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:openssl-3-doc-3.1.4-150600.5.15.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6119",
"url": "https://www.suse.com/security/cve/CVE-2024-6119"
},
{
"category": "external",
"summary": "SUSE Bug 1229465 for CVE-2024-6119",
"url": "https://bugzilla.suse.com/1229465"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-32bit-3.1.4-150600.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.aarch64",
"openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.ppc64le",
"openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.s390x",
"openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl-3-devel-32bit-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64",
"openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le",
"openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x",
"openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.aarch64",
"openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.ppc64le",
"openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.s390x",
"openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl3-32bit-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.aarch64",
"openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.ppc64le",
"openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.s390x",
"openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:openssl-3-doc-3.1.4-150600.5.15.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-32bit-3.1.4-150600.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.aarch64",
"openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.ppc64le",
"openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.s390x",
"openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl-3-devel-32bit-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64",
"openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le",
"openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x",
"openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.aarch64",
"openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.ppc64le",
"openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.s390x",
"openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:libopenssl3-32bit-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.aarch64",
"openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.ppc64le",
"openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.s390x",
"openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.15.1.x86_64",
"openSUSE Leap 15.6:openssl-3-doc-3.1.4-150600.5.15.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-09-03T15:00:41Z",
"details": "moderate"
}
],
"title": "CVE-2024-6119"
}
]
}
SUSE-SU-2024:3107-1
Vulnerability from csaf_suse - Published: 2024-09-03 15:01 - Updated: 2024-09-03 15:01| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.63.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.63.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.63.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.63.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.63.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.63.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.63.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.63.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:libopenssl3-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:openssl-3-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.63.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.63.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.63.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.63.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.63.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3 fixes the following issues:\n\n- CVE-2024-6119: Fixed denial of service in X.509 name checks (bsc#1229465)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-3107,SUSE-SLE-Micro-5.3-2024-3107,SUSE-SLE-Micro-5.4-2024-3107,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3107,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3107,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3107,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3107,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3107,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3107,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3107",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3107-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:3107-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243107-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:3107-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-September/036765.html"
},
{
"category": "self",
"summary": "SUSE Bug 1229465",
"url": "https://bugzilla.suse.com/1229465"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6119 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6119/"
}
],
"title": "Security update for openssl-3",
"tracking": {
"current_release_date": "2024-09-03T15:01:25Z",
"generator": {
"date": "2024-09-03T15:01:25Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:3107-1",
"initial_release_date": "2024-09-03T15:01:25Z",
"revision_history": [
{
"date": "2024-09-03T15:01:25Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64",
"product": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64",
"product_id": "libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150400.4.63.1.aarch64",
"product": {
"name": "libopenssl3-3.0.8-150400.4.63.1.aarch64",
"product_id": "libopenssl3-3.0.8-150400.4.63.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150400.4.63.1.aarch64",
"product": {
"name": "openssl-3-3.0.8-150400.4.63.1.aarch64",
"product_id": "openssl-3-3.0.8-150400.4.63.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-64bit-3.0.8-150400.4.63.1.aarch64_ilp32",
"product": {
"name": "libopenssl-3-devel-64bit-3.0.8-150400.4.63.1.aarch64_ilp32",
"product_id": "libopenssl-3-devel-64bit-3.0.8-150400.4.63.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl3-64bit-3.0.8-150400.4.63.1.aarch64_ilp32",
"product": {
"name": "libopenssl3-64bit-3.0.8-150400.4.63.1.aarch64_ilp32",
"product_id": "libopenssl3-64bit-3.0.8-150400.4.63.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.i586",
"product": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.i586",
"product_id": "libopenssl-3-devel-3.0.8-150400.4.63.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150400.4.63.1.i586",
"product": {
"name": "libopenssl3-3.0.8-150400.4.63.1.i586",
"product_id": "libopenssl3-3.0.8-150400.4.63.1.i586"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150400.4.63.1.i586",
"product": {
"name": "openssl-3-3.0.8-150400.4.63.1.i586",
"product_id": "openssl-3-3.0.8-150400.4.63.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-doc-3.0.8-150400.4.63.1.noarch",
"product": {
"name": "openssl-3-doc-3.0.8-150400.4.63.1.noarch",
"product_id": "openssl-3-doc-3.0.8-150400.4.63.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le",
"product": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le",
"product_id": "libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150400.4.63.1.ppc64le",
"product": {
"name": "libopenssl3-3.0.8-150400.4.63.1.ppc64le",
"product_id": "libopenssl3-3.0.8-150400.4.63.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150400.4.63.1.ppc64le",
"product": {
"name": "openssl-3-3.0.8-150400.4.63.1.ppc64le",
"product_id": "openssl-3-3.0.8-150400.4.63.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.s390x",
"product": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.s390x",
"product_id": "libopenssl-3-devel-3.0.8-150400.4.63.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150400.4.63.1.s390x",
"product": {
"name": "libopenssl3-3.0.8-150400.4.63.1.s390x",
"product_id": "libopenssl3-3.0.8-150400.4.63.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150400.4.63.1.s390x",
"product": {
"name": "openssl-3-3.0.8-150400.4.63.1.s390x",
"product_id": "openssl-3-3.0.8-150400.4.63.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"product": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"product_id": "libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-devel-32bit-3.0.8-150400.4.63.1.x86_64",
"product": {
"name": "libopenssl-3-devel-32bit-3.0.8-150400.4.63.1.x86_64",
"product_id": "libopenssl-3-devel-32bit-3.0.8-150400.4.63.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150400.4.63.1.x86_64",
"product": {
"name": "libopenssl3-3.0.8-150400.4.63.1.x86_64",
"product_id": "libopenssl3-3.0.8-150400.4.63.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-32bit-3.0.8-150400.4.63.1.x86_64",
"product": {
"name": "libopenssl3-32bit-3.0.8-150400.4.63.1.x86_64",
"product_id": "libopenssl3-32bit-3.0.8-150400.4.63.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150400.4.63.1.x86_64",
"product": {
"name": "openssl-3-3.0.8-150400.4.63.1.x86_64",
"product_id": "openssl-3-3.0.8-150400.4.63.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.63.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.63.1.s390x"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.63.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.63.1.s390x"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.63.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.63.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.63.1.aarch64"
},
"product_reference": "openssl-3-3.0.8-150400.4.63.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.63.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.63.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.aarch64"
},
"product_reference": "openssl-3-3.0.8-150400.4.63.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.63.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.63.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.ppc64le"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.s390x"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.63.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.aarch64"
},
"product_reference": "openssl-3-3.0.8-150400.4.63.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.63.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.ppc64le"
},
"product_reference": "openssl-3-3.0.8-150400.4.63.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.63.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.s390x"
},
"product_reference": "openssl-3-3.0.8-150400.4.63.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.63.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.63.1.ppc64le"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.63.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.63.1.ppc64le"
},
"product_reference": "openssl-3-3.0.8-150400.4.63.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.63.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:libopenssl3-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.63.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:openssl-3-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.63.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.63.1.ppc64le"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.63.1.s390x"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150400.4.63.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.63.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.63.1.ppc64le"
},
"product_reference": "openssl-3-3.0.8-150400.4.63.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.63.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.63.1.s390x"
},
"product_reference": "openssl-3-3.0.8-150400.4.63.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150400.4.63.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.63.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150400.4.63.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-6119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6119"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Applications performing certificate name checks (e.g., TLS\nclients checking server certificates) may attempt to read an invalid memory\naddress resulting in abnormal termination of the application process.\n\nImpact summary: Abnormal termination of an application can a cause a denial of\nservice.\n\nApplications performing certificate name checks (e.g., TLS clients checking\nserver certificates) may attempt to read an invalid memory address when\ncomparing the expected name with an `otherName` subject alternative name of an\nX.509 certificate. This may result in an exception that terminates the\napplication program.\n\nNote that basic certificate chain validation (signatures, dates, ...) is not\naffected, the denial of service can occur only when the application also\nspecifies an expected DNS name, Email address or IP address.\n\nTLS servers rarely solicit client certificates, and even when they do, they\ngenerally don\u0027t perform a name check against a reference identifier (expected\nidentity), but rather extract the presented identity after checking the\ncertificate chain. So TLS servers are generally not affected and the severity\nof the issue is Moderate.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.63.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.63.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Proxy 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Proxy 4.3:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Proxy 4.3:openssl-3-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le",
"SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.s390x",
"SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.63.1.s390x",
"SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.63.1.s390x",
"SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.63.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6119",
"url": "https://www.suse.com/security/cve/CVE-2024-6119"
},
{
"category": "external",
"summary": "SUSE Bug 1229465 for CVE-2024-6119",
"url": "https://bugzilla.suse.com/1229465"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.63.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.63.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Proxy 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Proxy 4.3:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Proxy 4.3:openssl-3-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le",
"SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.s390x",
"SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.63.1.s390x",
"SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.63.1.s390x",
"SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.63.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.63.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.63.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Proxy 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Proxy 4.3:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Proxy 4.3:openssl-3-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.ppc64le",
"SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.s390x",
"SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.63.1.s390x",
"SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.63.1.x86_64",
"SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.63.1.ppc64le",
"SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.63.1.s390x",
"SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.63.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-09-03T15:01:25Z",
"details": "moderate"
}
],
"title": "CVE-2024-6119"
}
]
}
SUSE-SU-2025:1516-1
Vulnerability from csaf_suse - Published: 2025-05-08 13:17 - Updated: 2025-05-08 13:17| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3 fixes the following issues:\n\n- CVE-2024-6119: Fixed denial of service in X.509 name checks (bsc#1229465)\n\nOther fixes: \n \n- FIPS: Deny SHA-1 signature verification in FIPS provider (bsc#1221365).\n- FIPS: RSA keygen PCT requirements.\n- FIPS: Check that the fips provider is available before setting\n it as the default provider in FIPS mode (bsc#1220523).\n- FIPS: Port openssl to use jitterentropy (bsc#1220523).\n- FIPS: Block non-Approved Elliptic Curves (bsc#1221786).\n- FIPS: Service Level Indicator (bsc#1221365).\n- FIPS: Output the FIPS-validation name and module version which uniquely\n identify the FIPS validated module (bsc#1221751).\n- FIPS: Add required selftests: (bsc#1221760).\n- FIPS: DH: Disable FIPS 186-4 Domain Parameters (bsc#1221821).\n- FIPS: Recommendation for Password-Based Key Derivation (bsc#1221827).\n- FIPS: Zero initialization required (bsc#1221752).\n- FIPS: Reseed DRBG (bsc#1220690, bsc#1220693, bsc#1220696).\n- FIPS: NIST SP 800-56Brev2 (bsc#1221824).\n- FIPS: Approved Modulus Sizes for RSA Digital Signature for FIPS 186-4 (bsc#1221787).\n- FIPS: Port openssl to use jitterentropy (bsc#1220523).\n- FIPS: NIST SP 800-56Arev3 (bsc#1221822).\n- FIPS: Error state has to be enforced (bsc#1221753).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1516,SUSE-SLE-Module-Certifications-15-SP7-2025-1516",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1516-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:1516-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251516-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:1516-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039185.html"
},
{
"category": "self",
"summary": "SUSE Bug 1220523",
"url": "https://bugzilla.suse.com/1220523"
},
{
"category": "self",
"summary": "SUSE Bug 1220690",
"url": "https://bugzilla.suse.com/1220690"
},
{
"category": "self",
"summary": "SUSE Bug 1220693",
"url": "https://bugzilla.suse.com/1220693"
},
{
"category": "self",
"summary": "SUSE Bug 1220696",
"url": "https://bugzilla.suse.com/1220696"
},
{
"category": "self",
"summary": "SUSE Bug 1221365",
"url": "https://bugzilla.suse.com/1221365"
},
{
"category": "self",
"summary": "SUSE Bug 1221751",
"url": "https://bugzilla.suse.com/1221751"
},
{
"category": "self",
"summary": "SUSE Bug 1221752",
"url": "https://bugzilla.suse.com/1221752"
},
{
"category": "self",
"summary": "SUSE Bug 1221753",
"url": "https://bugzilla.suse.com/1221753"
},
{
"category": "self",
"summary": "SUSE Bug 1221760",
"url": "https://bugzilla.suse.com/1221760"
},
{
"category": "self",
"summary": "SUSE Bug 1221786",
"url": "https://bugzilla.suse.com/1221786"
},
{
"category": "self",
"summary": "SUSE Bug 1221787",
"url": "https://bugzilla.suse.com/1221787"
},
{
"category": "self",
"summary": "SUSE Bug 1221821",
"url": "https://bugzilla.suse.com/1221821"
},
{
"category": "self",
"summary": "SUSE Bug 1221822",
"url": "https://bugzilla.suse.com/1221822"
},
{
"category": "self",
"summary": "SUSE Bug 1221824",
"url": "https://bugzilla.suse.com/1221824"
},
{
"category": "self",
"summary": "SUSE Bug 1221827",
"url": "https://bugzilla.suse.com/1221827"
},
{
"category": "self",
"summary": "SUSE Bug 1229465",
"url": "https://bugzilla.suse.com/1229465"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6119 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6119/"
}
],
"title": "Security update for openssl-3",
"tracking": {
"current_release_date": "2025-05-08T13:17:46Z",
"generator": {
"date": "2025-05-08T13:17:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:1516-1",
"initial_release_date": "2025-05-08T13:17:46Z",
"revision_history": [
{
"date": "2025-05-08T13:17:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64",
"product": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64",
"product_id": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le",
"product": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le",
"product_id": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x",
"product": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x",
"product_id": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64",
"product": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64",
"product_id": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Certifications 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Certifications 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Certifications 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-certifications:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64 as component of SUSE Linux Enterprise Module for Certifications 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Certifications 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le as component of SUSE Linux Enterprise Module for Certifications 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Certifications 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x as component of SUSE Linux Enterprise Module for Certifications 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Certifications 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64 as component of SUSE Linux Enterprise Module for Certifications 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Certifications 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-6119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6119"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Applications performing certificate name checks (e.g., TLS\nclients checking server certificates) may attempt to read an invalid memory\naddress resulting in abnormal termination of the application process.\n\nImpact summary: Abnormal termination of an application can a cause a denial of\nservice.\n\nApplications performing certificate name checks (e.g., TLS clients checking\nserver certificates) may attempt to read an invalid memory address when\ncomparing the expected name with an `otherName` subject alternative name of an\nX.509 certificate. This may result in an exception that terminates the\napplication program.\n\nNote that basic certificate chain validation (signatures, dates, ...) is not\naffected, the denial of service can occur only when the application also\nspecifies an expected DNS name, Email address or IP address.\n\nTLS servers rarely solicit client certificates, and even when they do, they\ngenerally don\u0027t perform a name check against a reference identifier (expected\nidentity), but rather extract the presented identity after checking the\ncertificate chain. So TLS servers are generally not affected and the severity\nof the issue is Moderate.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x",
"SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6119",
"url": "https://www.suse.com/security/cve/CVE-2024-6119"
},
{
"category": "external",
"summary": "SUSE Bug 1229465 for CVE-2024-6119",
"url": "https://bugzilla.suse.com/1229465"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x",
"SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.s390x",
"SUSE Linux Enterprise Module for Certifications 15 SP7:libopenssl-3-fips-provider-3.1.4-150600.5.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-08T13:17:46Z",
"details": "moderate"
}
],
"title": "CVE-2024-6119"
}
]
}
SUSE-SU-2025:20014-1
Vulnerability from csaf_suse - Published: 2025-02-03 08:48 - Updated: 2025-02-03 08:48| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3, libpulp, ulp-macros",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3, libpulp, ulp-macros fixes the following issues:\n\nopenssl-3:\n - CVE-2024-6119: possible denial of service in X.509 name checks (bsc#1229465)\n - CVE-2024-5535: SSL_select_next_proto buffer overread (bsc#1227138)\n - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers (bsc#1225551)\n - CVE-2024-4603: Check DSA parameters for excessive sizes before validating (bsc#1224388)\n - CVE-2024-2511: Fix unconstrained session cache growth in TLSv1.3 (bsc#1222548)\n - FIPS: Deny SHA-1 signature verification in FIPS provider (bsc#1221365)\n - FIPS: RSA keygen PCT requirements. (bsc#1221760, bsc#1221753)\n - FIPS: Check that the fips provider is available before setting it as the default provider in FIPS mode. (bsc#1220523)\n - FIPS: Port openssl to use jitterentropy (bsc#1220523)\n - FIPS: Block non-Approved Elliptic Curves (bsc#1221786)\n - FIPS: Service Level Indicator (bsc#1221365)\n - FIPS: Output the FIPS-validation name and module version which uniquely identify the FIPS validated module. (bsc#1221751)\n - FIPS: Add required selftests (bsc#1221760)\n - FIPS: DH: Disable FIPS 186-4 Domain Parameters (bsc#1221821)\n - FIPS: Recommendation for Password-Based Key Derivation (bsc#1221827)\n - FIPS: Zeroization is required (bsc#1221752)\n - FIPS: Reseed DRBG (bsc#1220690, bsc#1220693, bsc#1220696)\n - FIPS: NIST SP 800-56Brev2 (bsc#1221824)\n - FIPS: Approved Modulus Sizes for RSA Digital Signature for FIPS 186-4 (bsc#1221787)\n - FIPS: Port openssl to use jitterentropy (bsc#1220523)\n - FIPS: NIST SP 800-56Arev3 (bsc#1221822)\n - FIPS: Error state has to be enforced (bsc#1221753)\n - Build with enabled sm2 and sm4 support (bsc#1222899)\n - fix non-reproducible build issue\n - Fix HDKF key derivation (bsc#1225291)\n - Enable livepatching support (bsc#1223428)\n\nlibpulp:\n - Update package with libpulp-0.3.5\n * Change .so load policy from lazy to eager.\n * Fix patch of references when mprotect is enabled.\n * Fix tramposed calloc arguments.\n * Fix crash of ulp packer on empty lines.\n\n - Disabled ptrace_scope through aaa_base-enable-ptrace package (bsc#1221763).\n - Update package with libpulp-0.3.4:\n * Add debuginfo into ulp extract.\n\n - Disabled ptrace_scope when building the package (bsc#1221763).\n - Update package with libpulp-0.3.3:\n * Fixed a race condition when process list is empty.\n * Removed \"Unable to get section data\" error message (bsc#1223306).\n * Bumped asunsafe_conversion attempts from 100 to 2000.\n * Fixed banner test on clang-18.\n * Check if ptrace_scope is enabled when attempting a ptrace operation (bsc#1221763).\n\n - Update package with libpulp-0.3.1:\n * Add timestamp information on `ulp patches`.\n\nulp-macros:\n - Initial release.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-58",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20014-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20014-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520014-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20014-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021360.html"
},
{
"category": "self",
"summary": "SUSE Bug 1220523",
"url": "https://bugzilla.suse.com/1220523"
},
{
"category": "self",
"summary": "SUSE Bug 1220690",
"url": "https://bugzilla.suse.com/1220690"
},
{
"category": "self",
"summary": "SUSE Bug 1220693",
"url": "https://bugzilla.suse.com/1220693"
},
{
"category": "self",
"summary": "SUSE Bug 1220696",
"url": "https://bugzilla.suse.com/1220696"
},
{
"category": "self",
"summary": "SUSE Bug 1221365",
"url": "https://bugzilla.suse.com/1221365"
},
{
"category": "self",
"summary": "SUSE Bug 1221751",
"url": "https://bugzilla.suse.com/1221751"
},
{
"category": "self",
"summary": "SUSE Bug 1221752",
"url": "https://bugzilla.suse.com/1221752"
},
{
"category": "self",
"summary": "SUSE Bug 1221753",
"url": "https://bugzilla.suse.com/1221753"
},
{
"category": "self",
"summary": "SUSE Bug 1221760",
"url": "https://bugzilla.suse.com/1221760"
},
{
"category": "self",
"summary": "SUSE Bug 1221763",
"url": "https://bugzilla.suse.com/1221763"
},
{
"category": "self",
"summary": "SUSE Bug 1221786",
"url": "https://bugzilla.suse.com/1221786"
},
{
"category": "self",
"summary": "SUSE Bug 1221787",
"url": "https://bugzilla.suse.com/1221787"
},
{
"category": "self",
"summary": "SUSE Bug 1221821",
"url": "https://bugzilla.suse.com/1221821"
},
{
"category": "self",
"summary": "SUSE Bug 1221822",
"url": "https://bugzilla.suse.com/1221822"
},
{
"category": "self",
"summary": "SUSE Bug 1221824",
"url": "https://bugzilla.suse.com/1221824"
},
{
"category": "self",
"summary": "SUSE Bug 1221827",
"url": "https://bugzilla.suse.com/1221827"
},
{
"category": "self",
"summary": "SUSE Bug 1222548",
"url": "https://bugzilla.suse.com/1222548"
},
{
"category": "self",
"summary": "SUSE Bug 1222899",
"url": "https://bugzilla.suse.com/1222899"
},
{
"category": "self",
"summary": "SUSE Bug 1223306",
"url": "https://bugzilla.suse.com/1223306"
},
{
"category": "self",
"summary": "SUSE Bug 1223336",
"url": "https://bugzilla.suse.com/1223336"
},
{
"category": "self",
"summary": "SUSE Bug 1223428",
"url": "https://bugzilla.suse.com/1223428"
},
{
"category": "self",
"summary": "SUSE Bug 1224388",
"url": "https://bugzilla.suse.com/1224388"
},
{
"category": "self",
"summary": "SUSE Bug 1225291",
"url": "https://bugzilla.suse.com/1225291"
},
{
"category": "self",
"summary": "SUSE Bug 1225551",
"url": "https://bugzilla.suse.com/1225551"
},
{
"category": "self",
"summary": "SUSE Bug 1226463",
"url": "https://bugzilla.suse.com/1226463"
},
{
"category": "self",
"summary": "SUSE Bug 1227138",
"url": "https://bugzilla.suse.com/1227138"
},
{
"category": "self",
"summary": "SUSE Bug 1229465",
"url": "https://bugzilla.suse.com/1229465"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2511 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-4603 page",
"url": "https://www.suse.com/security/cve/CVE-2024-4603/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-4741 page",
"url": "https://www.suse.com/security/cve/CVE-2024-4741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-5535 page",
"url": "https://www.suse.com/security/cve/CVE-2024-5535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6119 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6119/"
}
],
"title": "Security update for openssl-3, libpulp, ulp-macros",
"tracking": {
"current_release_date": "2025-02-03T08:48:16Z",
"generator": {
"date": "2025-02-03T08:48:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20014-1",
"initial_release_date": "2025-02-03T08:48:16Z",
"revision_history": [
{
"date": "2025-02-03T08:48:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "jitterentropy-devel-3.4.1-3.1.aarch64",
"product": {
"name": "jitterentropy-devel-3.4.1-3.1.aarch64",
"product_id": "jitterentropy-devel-3.4.1-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libjitterentropy3-3.4.1-3.1.aarch64",
"product": {
"name": "libjitterentropy3-3.4.1-3.1.aarch64",
"product_id": "libjitterentropy3-3.4.1-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-devel-3.1.4-6.1.aarch64",
"product": {
"name": "libopenssl-3-devel-3.1.4-6.1.aarch64",
"product_id": "libopenssl-3-devel-3.1.4-6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"product": {
"name": "libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"product_id": "libopenssl-3-fips-provider-3.1.4-6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.1.4-6.1.aarch64",
"product": {
"name": "libopenssl3-3.1.4-6.1.aarch64",
"product_id": "libopenssl3-3.1.4-6.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.1.4-6.1.aarch64",
"product": {
"name": "openssl-3-3.1.4-6.1.aarch64",
"product_id": "openssl-3-3.1.4-6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "jitterentropy-devel-3.4.1-3.1.s390x",
"product": {
"name": "jitterentropy-devel-3.4.1-3.1.s390x",
"product_id": "jitterentropy-devel-3.4.1-3.1.s390x"
}
},
{
"category": "product_version",
"name": "libjitterentropy3-3.4.1-3.1.s390x",
"product": {
"name": "libjitterentropy3-3.4.1-3.1.s390x",
"product_id": "libjitterentropy3-3.4.1-3.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl-3-devel-3.1.4-6.1.s390x",
"product": {
"name": "libopenssl-3-devel-3.1.4-6.1.s390x",
"product_id": "libopenssl-3-devel-3.1.4-6.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"product": {
"name": "libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"product_id": "libopenssl-3-fips-provider-3.1.4-6.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.1.4-6.1.s390x",
"product": {
"name": "libopenssl3-3.1.4-6.1.s390x",
"product_id": "libopenssl3-3.1.4-6.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-3-3.1.4-6.1.s390x",
"product": {
"name": "openssl-3-3.1.4-6.1.s390x",
"product_id": "openssl-3-3.1.4-6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "jitterentropy-devel-3.4.1-3.1.x86_64",
"product": {
"name": "jitterentropy-devel-3.4.1-3.1.x86_64",
"product_id": "jitterentropy-devel-3.4.1-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libjitterentropy3-3.4.1-3.1.x86_64",
"product": {
"name": "libjitterentropy3-3.4.1-3.1.x86_64",
"product_id": "libjitterentropy3-3.4.1-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-devel-3.1.4-6.1.x86_64",
"product": {
"name": "libopenssl-3-devel-3.1.4-6.1.x86_64",
"product_id": "libopenssl-3-devel-3.1.4-6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"product": {
"name": "libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"product_id": "libopenssl-3-fips-provider-3.1.4-6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.1.4-6.1.x86_64",
"product": {
"name": "libopenssl3-3.1.4-6.1.x86_64",
"product_id": "libopenssl3-3.1.4-6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpulp-tools-0.3.5-1.1.x86_64",
"product": {
"name": "libpulp-tools-0.3.5-1.1.x86_64",
"product_id": "libpulp-tools-0.3.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpulp0-0.3.5-1.1.x86_64",
"product": {
"name": "libpulp0-0.3.5-1.1.x86_64",
"product_id": "libpulp0-0.3.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.1.4-6.1.x86_64",
"product": {
"name": "openssl-3-3.1.4-6.1.x86_64",
"product_id": "openssl-3-3.1.4-6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jitterentropy-devel-3.4.1-3.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64"
},
"product_reference": "jitterentropy-devel-3.4.1-3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jitterentropy-devel-3.4.1-3.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x"
},
"product_reference": "jitterentropy-devel-3.4.1-3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jitterentropy-devel-3.4.1-3.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64"
},
"product_reference": "jitterentropy-devel-3.4.1-3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libjitterentropy3-3.4.1-3.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64"
},
"product_reference": "libjitterentropy3-3.4.1-3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libjitterentropy3-3.4.1-3.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x"
},
"product_reference": "libjitterentropy3-3.4.1-3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libjitterentropy3-3.4.1-3.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64"
},
"product_reference": "libjitterentropy3-3.4.1-3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-6.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.1.4-6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-6.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.1.4-6.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-6.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.1.4-6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-6.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-6.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-6.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-6.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64"
},
"product_reference": "libopenssl3-3.1.4-6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-6.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x"
},
"product_reference": "libopenssl3-3.1.4-6.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-6.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64"
},
"product_reference": "libopenssl3-3.1.4-6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpulp-tools-0.3.5-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64"
},
"product_reference": "libpulp-tools-0.3.5-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpulp0-0.3.5-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64"
},
"product_reference": "libpulp0-0.3.5-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-6.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64"
},
"product_reference": "openssl-3-3.1.4-6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-6.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x"
},
"product_reference": "openssl-3-3.1.4-6.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-6.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64"
},
"product_reference": "openssl-3-3.1.4-6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2511"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Some non-default TLS server configurations can cause unbounded\nmemory growth when processing TLSv1.3 sessions\n\nImpact summary: An attacker may exploit certain server configurations to trigger\nunbounded memory growth that would lead to a Denial of Service\n\nThis problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is\nbeing used (but not if early_data support is also configured and the default\nanti-replay protection is in use). In this case, under certain conditions, the\nsession cache can get into an incorrect state and it will fail to flush properly\nas it fills. The session cache will continue to grow in an unbounded manner. A\nmalicious client could deliberately create the scenario for this failure to\nforce a Denial of Service. It may also happen by accident in normal operation.\n\nThis issue only affects TLS servers supporting TLSv1.3. It does not affect TLS\nclients.\n\nThe FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL\n1.0.2 is also not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2511",
"url": "https://www.suse.com/security/cve/CVE-2024-2511"
},
{
"category": "external",
"summary": "SUSE Bug 1222548 for CVE-2024-2511",
"url": "https://bugzilla.suse.com/1222548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:48:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-2511"
},
{
"cve": "CVE-2024-4603",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-4603"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Checking excessively long DSA keys or parameters may be very\nslow.\n\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\nexperience long delays. Where the key or parameters that are being checked\nhave been obtained from an untrusted source this may lead to a Denial of\nService.\n\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\nvarious checks on DSA parameters. Some of those computations take a long time\nif the modulus (`p` parameter) is too large.\n\nTrying to use a very large modulus is slow and OpenSSL will not allow using\npublic keys with a modulus which is over 10,000 bits in length for signature\nverification. However the key and parameter check functions do not limit\nthe modulus size when performing the checks.\n\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\nand supplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\nonly applications that directly call these functions may be vulnerable.\n\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\nwhen using the `-check` option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-4603",
"url": "https://www.suse.com/security/cve/CVE-2024-4603"
},
{
"category": "external",
"summary": "SUSE Bug 1224388 for CVE-2024-4603",
"url": "https://bugzilla.suse.com/1224388"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:48:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-4603"
},
{
"cve": "CVE-2024-4741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-4741"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause\nmemory to be accessed that was previously freed in some situations\n\nImpact summary: A use after free can have a range of potential consequences such\nas the corruption of valid data, crashes or execution of arbitrary code.\nHowever, only applications that directly call the SSL_free_buffers function are\naffected by this issue. Applications that do not call this function are not\nvulnerable. Our investigations indicate that this function is rarely used by\napplications.\n\nThe SSL_free_buffers function is used to free the internal OpenSSL buffer used\nwhen processing an incoming record from the network. The call is only expected\nto succeed if the buffer is not currently in use. However, two scenarios have\nbeen identified where the buffer is freed even when still in use.\n\nThe first scenario occurs where a record header has been received from the\nnetwork and processed by OpenSSL, but the full record body has not yet arrived.\nIn this case calling SSL_free_buffers will succeed even though a record has only\nbeen partially processed and the buffer is still in use.\n\nThe second scenario occurs where a full record containing application data has\nbeen received and processed by OpenSSL but the application has only read part of\nthis data. Again a call to SSL_free_buffers will succeed even though the buffer\nis still in use.\n\nWhile these scenarios could occur accidentally during normal operation a\nmalicious attacker could attempt to engineer a stituation where this occurs.\nWe are not aware of this issue being actively exploited.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-4741",
"url": "https://www.suse.com/security/cve/CVE-2024-4741"
},
{
"category": "external",
"summary": "SUSE Bug 1225551 for CVE-2024-4741",
"url": "https://bugzilla.suse.com/1225551"
},
{
"category": "external",
"summary": "SUSE Bug 1225552 for CVE-2024-4741",
"url": "https://bugzilla.suse.com/1225552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:48:16Z",
"details": "important"
}
],
"title": "CVE-2024-4741"
},
{
"cve": "CVE-2024-5535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-5535"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an\nempty supported client protocols buffer may cause a crash or memory contents to\nbe sent to the peer.\n\nImpact summary: A buffer overread can have a range of potential consequences\nsuch as unexpected application beahviour or a crash. In particular this issue\ncould result in up to 255 bytes of arbitrary private data from memory being sent\nto the peer leading to a loss of confidentiality. However, only applications\nthat directly call the SSL_select_next_proto function with a 0 length list of\nsupported client protocols are affected by this issue. This would normally never\nbe a valid scenario and is typically not under attacker control but may occur by\naccident in the case of a configuration or programming error in the calling\napplication.\n\nThe OpenSSL API function SSL_select_next_proto is typically used by TLS\napplications that support ALPN (Application Layer Protocol Negotiation) or NPN\n(Next Protocol Negotiation). NPN is older, was never standardised and\nis deprecated in favour of ALPN. We believe that ALPN is significantly more\nwidely deployed than NPN. The SSL_select_next_proto function accepts a list of\nprotocols from the server and a list of protocols from the client and returns\nthe first protocol that appears in the server list that also appears in the\nclient list. In the case of no overlap between the two lists it returns the\nfirst item in the client list. In either case it will signal whether an overlap\nbetween the two lists was found. In the case where SSL_select_next_proto is\ncalled with a zero length client list it fails to notice this condition and\nreturns the memory immediately following the client list pointer (and reports\nthat there was no overlap in the lists).\n\nThis function is typically called from a server side application callback for\nALPN or a client side application callback for NPN. In the case of ALPN the list\nof protocols supplied by the client is guaranteed by libssl to never be zero in\nlength. The list of server protocols comes from the application and should never\nnormally be expected to be of zero length. In this case if the\nSSL_select_next_proto function has been called as expected (with the list\nsupplied by the client passed in the client/client_len parameters), then the\napplication will not be vulnerable to this issue. If the application has\naccidentally been configured with a zero length server list, and has\naccidentally passed that zero length server list in the client/client_len\nparameters, and has additionally failed to correctly handle a \"no overlap\"\nresponse (which would normally result in a handshake failure in ALPN) then it\nwill be vulnerable to this problem.\n\nIn the case of NPN, the protocol permits the client to opportunistically select\na protocol when there is no overlap. OpenSSL returns the first client protocol\nin the no overlap case in support of this. The list of client protocols comes\nfrom the application and should never normally be expected to be of zero length.\nHowever if the SSL_select_next_proto function is accidentally called with a\nclient_len of 0 then an invalid memory pointer will be returned instead. If the\napplication uses this output as the opportunistic protocol then the loss of\nconfidentiality will occur.\n\nThis issue has been assessed as Low severity because applications are most\nlikely to be vulnerable if they are using NPN instead of ALPN - but NPN is not\nwidely used. It also requires an application configuration or programming error.\nFinally, this issue would not typically be under attacker control making active\nexploitation unlikely.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.\n\nDue to the low severity of this issue we are not issuing new releases of\nOpenSSL at this time. The fix will be included in the next releases when they\nbecome available.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-5535",
"url": "https://www.suse.com/security/cve/CVE-2024-5535"
},
{
"category": "external",
"summary": "SUSE Bug 1227138 for CVE-2024-5535",
"url": "https://bugzilla.suse.com/1227138"
},
{
"category": "external",
"summary": "SUSE Bug 1227147 for CVE-2024-5535",
"url": "https://bugzilla.suse.com/1227147"
},
{
"category": "external",
"summary": "SUSE Bug 1227233 for CVE-2024-5535",
"url": "https://bugzilla.suse.com/1227233"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:48:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-6119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6119"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Applications performing certificate name checks (e.g., TLS\nclients checking server certificates) may attempt to read an invalid memory\naddress resulting in abnormal termination of the application process.\n\nImpact summary: Abnormal termination of an application can a cause a denial of\nservice.\n\nApplications performing certificate name checks (e.g., TLS clients checking\nserver certificates) may attempt to read an invalid memory address when\ncomparing the expected name with an `otherName` subject alternative name of an\nX.509 certificate. This may result in an exception that terminates the\napplication program.\n\nNote that basic certificate chain validation (signatures, dates, ...) is not\naffected, the denial of service can occur only when the application also\nspecifies an expected DNS name, Email address or IP address.\n\nTLS servers rarely solicit client certificates, and even when they do, they\ngenerally don\u0027t perform a name check against a reference identifier (expected\nidentity), but rather extract the presented identity after checking the\ncertificate chain. So TLS servers are generally not affected and the severity\nof the issue is Moderate.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6119",
"url": "https://www.suse.com/security/cve/CVE-2024-6119"
},
{
"category": "external",
"summary": "SUSE Bug 1229465 for CVE-2024-6119",
"url": "https://bugzilla.suse.com/1229465"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:jitterentropy-devel-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.s390x",
"SUSE Linux Micro 6.0:libjitterentropy3-3.4.1-3.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-devel-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl-3-fips-provider-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:libopenssl3-3.1.4-6.1.x86_64",
"SUSE Linux Micro 6.0:libpulp-tools-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:libpulp0-0.3.5-1.1.x86_64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.aarch64",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.s390x",
"SUSE Linux Micro 6.0:openssl-3-3.1.4-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:48:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-6119"
}
]
}
VDE-2025-053
Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2025-07-08 10:00 - Updated: 2025-07-08 10:00Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creation or modification on the host. No special permissions are needed, only the ability for the current user to write to the target file. The problem is fixed in crun 1.20 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a `default` entry that omits both login and password. A rare circumstance.
CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password.
CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure `HTTP://` scheme and perform transfers with hosts like `x.example.com` as well as `example.com` where the first host is a subdomain of the second host. (The HSTS cache either needs to have been populated manually or there needs to have been previous HTTPS accesses done as the cache needs to have entries for the domains involved to trigger this problem.) When `x.example.com` responds with `Strict-Transport-Security:` headers, this bug can make the subdomain's expiry timeout *bleed over* and get set for the parent domain `example.com` in curl's HSTS cache. The result of a triggered bug is that HTTP accesses to `example.com` get converted to HTTPS for a different period of time than what was asked for by the origin server. If `example.com` for example stops supporting HTTPS at its expiry time, curl might then fail to access `http://example.com` until the (wrongly set) timeout expires. This bug can also expire the parent's entry *earlier*, thus making curl inadvertently switch back to insecure HTTP earlier than otherwise intended.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a mountpoint controlled by the user, like a removable device. This was introduced in kernel version 4.19 by commit d1d04ef ("ovl: stack file ops"). This was fixed in kernel version 5.8 by commits 56230d9 ("ovl: verify permissions in ovl_path_open()"), 48bd024 ("ovl: switch to mounter creds in readdir") and 05acefb ("ovl: check permission to open real file"). Additionally, commits 130fdbc ("ovl: pass correct flags for opening real directory") and 292f902 ("ovl: call secutiry hook in ovl_real_ioctl()") in kernel 5.8 might also be desired or necessary. These additional commits introduced a regression in overlay mounts within user namespaces which prevented access to files with ownership outside of the user namespace. This regression was mitigated by subsequent commit b6650da ("ovl: do not fail because of O_NOATIMEi") in kernel 5.11.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the caller function whether freeaddrinfo() still remains to be called after the function returns. This makes it possible in some scenarios that both the function and its caller call freeaddrinfo() for the same allocated memory block. A similar problem was reported in Apple libpcap, to which Apple assigned CVE-2023-40400.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs_ex(). One of the function arguments can be a filesystem path, which normally means a directory with input data files. When the specified path cannot be used as a directory, the function receives NULL from opendir(), but does not check the return value and passes the NULL value to readdir(), which causes a NULL pointer derefence.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
Stack-based Buffer Overflow vulnerability in libmodbus v3.1.10 allows to overflow the buffer allocated for the Modbus response if the function tries to reply to a Modbus request with an unexpected length.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of service. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address when comparing the expected name with an `otherName` subject alternative name of an X.509 certificate. This may result in an exception that terminates the application program. Note that basic certificate chain validation (signatures, dates, ...) is not affected, the denial of service can occur only when the application also specifies an expected DNS name, Email address or IP address. TLS servers rarely solicit client certificates, and even when they do, they generally don't perform a name check against a reference identifier (expected identity), but rather extract the presented identity after checking the certificate chain. So TLS servers are generally not affected and the severity of the issue is Moderate. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes. Impact summary: Out of bound memory writes can lead to an application crash or even a possibility of a remote code execution, however, in all the protocols involving Elliptic Curve Cryptography that we're aware of, either only "named curves" are supported, or, if explicit curve parameters are supported, they specify an X9.62 encoding of binary (GF(2^m)) curves that can't represent problematic input values. Thus the likelihood of existence of a vulnerable application is low. In particular, the X9.62 encoding is used for ECC keys in X.509 certificates, so problematic inputs cannot occur in the context of processing X.509 certificates. Any problematic use-cases would have to be using an "exotic" curve encoding. The affected APIs include: EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(), and various supporting BN_GF2m_*() functions. Applications working with "exotic" explicit binary (GF(2^m)) curve parameters, that make it possible to represent invalid field polynomials with a zero constant term, via the above or similar APIs, may terminate abruptly as a result of reading or writing outside of array bounds. Remote code execution cannot easily be ruled out. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a "no overlap" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue.
CWE-476 - NULL Pointer Dereference| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.
CWE-415 - Double Free| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
CWE-476 - NULL Pointer Dereference| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via a large compression method value in the central directory file header.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a "better zip bomb" issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31002 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31004 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31005 | — |
Vendor Fix
|
|
| Unresolved product id: CSAFPID-31007 | — |
Vendor Fix
|
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination.",
"urls": [
"https://certvde.com"
]
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2025.0.2",
"title": "Summary"
},
{
"category": "description",
"text": "Availability, integrity, or confidentiality of the PLCnext Control might be compromised by attacks using these vulnerabilities.",
"title": "Impact"
},
{
"category": "description",
"text": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"title": "Remediation"
},
{
"category": "general",
"text": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our [application note](https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf).",
"title": "General Recommendation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@phoenixcontact.com",
"name": "Phoenix Contact GmbH \u0026 Co. KG",
"namespace": "https://phoenixcontact.com/psirt"
},
"references": [
{
"category": "external",
"summary": "PCSA-2025/00008",
"url": "https://phoenixcontact.com/psirt"
},
{
"category": "external",
"summary": "Phoenix Contact advisory overview at CERT@VDE",
"url": "https://certvde.com/de/advisories/vendor/phoenixcontact/"
},
{
"category": "external",
"summary": "Phoenix Contact application note",
"url": "https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf"
},
{
"category": "self",
"summary": "VDE-2025-053: Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware - HTML",
"url": "https://certvde.com/en/advisories/VDE-2025-053"
},
{
"category": "self",
"summary": "VDE-2025-053: Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware - CSAF",
"url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-053.json"
}
],
"title": "Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware",
"tracking": {
"aliases": [
"VDE-2025-053",
"PCSA-2025/00008"
],
"current_release_date": "2025-07-08T10:00:00.000Z",
"generator": {
"date": "2025-06-26T10:14:28.625Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.27"
}
},
"id": "VDE-2025-053",
"initial_release_date": "2025-07-08T10:00:00.000Z",
"revision_history": [
{
"date": "2025-07-08T10:00:00.000Z",
"number": "1",
"summary": "Initial"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "AXC F 1152",
"product": {
"name": "AXC F 1152",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"1151412"
]
}
}
},
{
"category": "product_name",
"name": "AXC F 2152",
"product": {
"name": "AXC F 2152",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
}
},
{
"category": "product_name",
"name": "AXC F 3152",
"product": {
"name": "AXC F 3152",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"1069208"
]
}
}
},
{
"category": "product_name",
"name": "RFC 4072S",
"product": {
"name": "RFC 4072S",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"model_numbers": [
"1051328"
]
}
}
},
{
"category": "product_name",
"name": "BPC 9102S",
"product": {
"name": "BPC 9102S",
"product_id": "CSAFPID-11011",
"product_identification_helper": {
"model_numbers": [
"1246285"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2025.0.2",
"product": {
"name": "Firmware \u003c 2025.0.2",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version",
"name": "2025.0.2",
"product": {
"name": "Firmware 2025.0.2",
"product_id": "CSAFPID-22001"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Phoenix Contact GmbH \u0026 Co. KG"
}
],
"product_groups": [
{
"group_id": "CSAFGID-61001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
],
"summary": "Affected Products."
},
{
"group_id": "CSAFGID-62001",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"summary": "Fixed Product."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c 2025.0.2 installed on AXC F 1152",
"product_id": "CSAFPID-31001",
"product_identification_helper": {
"model_numbers": [
"1151412"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2025.0.2 installed on AXC F 1152",
"product_id": "CSAFPID-32001",
"product_identification_helper": {
"model_numbers": [
"1151412"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c 2025.0.2 installed on AXC F 2152",
"product_id": "CSAFPID-31002",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2025.0.2 installed on AXC F 2152",
"product_id": "CSAFPID-32002",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c 2025.0.2 installed on AXC F 3152",
"product_id": "CSAFPID-31004",
"product_identification_helper": {
"model_numbers": [
"1069208"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2025.0.2 installed on AXC F 3152",
"product_id": "CSAFPID-32004",
"product_identification_helper": {
"model_numbers": [
"1069208"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c 2025.0.2 installed on RFC 4072S",
"product_id": "CSAFPID-31005",
"product_identification_helper": {
"model_numbers": [
"1051328"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2025.0.2 installed on RFC 4072S",
"product_id": "CSAFPID-32005",
"product_identification_helper": {
"model_numbers": [
"1051328"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c 2025.0.2 installed on BPC 9102S",
"product_id": "CSAFPID-31007",
"product_identification_helper": {
"model_numbers": [
"1246285"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2025.0.2 installed on BPC 9102S",
"product_id": "CSAFPID-32007",
"product_identification_helper": {
"model_numbers": [
"1246285"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11011"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-12705",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12705](https://nvd.nist.gov/vuln/detail/CVE-2024-12705)",
"title": "Details"
},
{
"category": "description",
"text": "Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver\u0027s CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic.\nThis issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12705"
},
{
"cve": "CVE-2025-24965",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-24965](https://nvd.nist.gov/vuln/detail/CVE-2025-24965)",
"title": "Details"
},
{
"category": "description",
"text": "crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creation or modification on the host. No special permissions are needed, only the ability for the current user to write to the target file. The problem is fixed in crun 1.20 and all users are advised to upgrade. There are no known workarounds for this vulnerability.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.7,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"temporalScore": 8.7,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-24965"
},
{
"cve": "CVE-2025-0665",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-0665](https://nvd.nist.gov/vuln/detail/CVE-2025-0665)",
"title": "Details"
},
{
"category": "description",
"text": "libcurl would wrongly close the same eventfd file descriptor twice when taking\ndown a connection channel after having completed a threaded name resolve.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-0665"
},
{
"cve": "CVE-2025-0167",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-0167](https://nvd.nist.gov/vuln/detail/CVE-2025-0167)",
"title": "Details"
},
{
"category": "description",
"text": "When asked to use a `.netrc` file for credentials **and** to follow HTTP\nredirects, curl could leak the password used for the first host to the\nfollowed-to host under certain circumstances.\n\nThis flaw only manifests itself if the netrc file has a `default` entry that\nomits both login and password. A rare circumstance.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"environmentalScore": 3.4,
"environmentalSeverity": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 3.4,
"temporalSeverity": "LOW",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-0167"
},
{
"cve": "CVE-2024-11053",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-11053](https://nvd.nist.gov/vuln/detail/CVE-2024-11053)",
"title": "Details"
},
{
"category": "description",
"text": "When asked to both use a `.netrc` file for credentials and to follow HTTP\nredirects, curl could leak the password used for the first host to the\nfollowed-to host under certain circumstances.\n\nThis flaw only manifests itself if the netrc file has an entry that matches\nthe redirect target hostname but the entry either omits just the password or\nomits both login and password.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"environmentalScore": 3.4,
"environmentalSeverity": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 3.4,
"temporalSeverity": "LOW",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-11053"
},
{
"cve": "CVE-2024-9681",
"cwe": {
"id": "CWE-697",
"name": "Incorrect Comparison"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-9681](https://nvd.nist.gov/vuln/detail/CVE-2024-9681)",
"title": "Details"
},
{
"category": "description",
"text": "When curl is asked to use HSTS, the expiry time for a subdomain might\noverwrite a parent domain\u0027s cache entry, making it end sooner or later than\notherwise intended.\n\nThis affects curl using applications that enable HSTS and use URLs with the\ninsecure `HTTP://` scheme and perform transfers with hosts like\n`x.example.com` as well as `example.com` where the first host is a subdomain\nof the second host.\n\n(The HSTS cache either needs to have been populated manually or there needs to\nhave been previous HTTPS accesses done as the cache needs to have entries for\nthe domains involved to trigger this problem.)\n\nWhen `x.example.com` responds with `Strict-Transport-Security:` headers, this\nbug can make the subdomain\u0027s expiry timeout *bleed over* and get set for the\nparent domain `example.com` in curl\u0027s HSTS cache.\n\nThe result of a triggered bug is that HTTP accesses to `example.com` get\nconverted to HTTPS for a different period of time than what was asked for by\nthe origin server. If `example.com` for example stops supporting HTTPS at its\nexpiry time, curl might then fail to access `http://example.com` until the\n(wrongly set) timeout expires. This bug can also expire the parent\u0027s entry\n*earlier*, thus making curl inadvertently switch back to insecure HTTP earlier\nthan otherwise intended.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-9681"
},
{
"cve": "CVE-2024-0684",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Coreutils: heap overflow in split --line-bytes with very long lines"
},
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-0684](https://nvd.nist.gov/vuln/detail/CVE-2024-0684)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in the GNU coreutils \"split\" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-0684"
},
{
"cve": "CVE-2024-52533",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-52533](https://nvd.nist.gov/vuln/detail/CVE-2024-52533)",
"title": "Details"
},
{
"category": "description",
"text": "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing \u0027\\0\u0027 character.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-52533"
},
{
"cve": "CVE-2020-16120",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"notes": [
{
"category": "summary",
"text": "Unprivileged overlay + shiftfs read access"
},
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2020-16120](https://nvd.nist.gov/vuln/detail/CVE-2020-16120)",
"title": "Details"
},
{
"category": "description",
"text": "Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a mountpoint controlled by the user, like a removable device. This was introduced in kernel version 4.19 by commit d1d04ef (\"ovl: stack file ops\"). This was fixed in kernel version 5.8 by commits 56230d9 (\"ovl: verify permissions in ovl_path_open()\"), 48bd024 (\"ovl: switch to mounter creds in readdir\") and 05acefb (\"ovl: check permission to open real file\"). Additionally, commits 130fdbc (\"ovl: pass correct flags for opening real directory\") and 292f902 (\"ovl: call secutiry hook in ovl_real_ioctl()\") in kernel 5.8 might also be desired or necessary. These additional commits introduced a regression in overlay mounts within user namespaces which prevented access to files with ownership outside of the user namespace. This regression was mitigated by subsequent commit b6650da (\"ovl: do not fail because of O_NOATIMEi\") in kernel 5.11.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 5.1,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.1,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2020-16120"
},
{
"cve": "CVE-2023-7256",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2023-7256](https://nvd.nist.gov/vuln/detail/CVE-2023-7256)",
"title": "Details"
},
{
"category": "description",
"text": "In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the caller function whether freeaddrinfo() still remains to be called after the function returns. This makes it possible in some scenarios that both the function and its caller call freeaddrinfo() for the same allocated memory block. A similar problem was reported in Apple libpcap, to which Apple assigned CVE-2023-40400.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.4,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 4.4,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2023-7256"
},
{
"cve": "CVE-2024-8006",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-8006](https://nvd.nist.gov/vuln/detail/CVE-2024-8006)",
"title": "Details"
},
{
"category": "description",
"text": "Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs_ex(). One of the function arguments can be a filesystem path, which normally means a directory with input data files. When the specified path cannot be used as a directory, the function receives NULL from opendir(), but does not check the return value and passes the NULL value to readdir(), which causes a NULL pointer derefence.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.4,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 4.4,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-8006"
},
{
"cve": "CVE-2024-8176",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-8176](https://nvd.nist.gov/vuln/detail/CVE-2024-8176)",
"title": "Details"
},
{
"category": "description",
"text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-8176"
},
{
"cve": "CVE-2024-50602",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-50602](https://nvd.nist.gov/vuln/detail/CVE-2024-50602)",
"title": "Details"
},
{
"category": "description",
"text": "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-50602"
},
{
"cve": "CVE-2024-10918",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-10918](https://nvd.nist.gov/vuln/detail/CVE-2024-10918)",
"title": "Details"
},
{
"category": "description",
"text": "Stack-based Buffer Overflow vulnerability in libmodbus v3.1.10 allows to overflow the buffer allocated for the Modbus response if the function tries to reply to a Modbus request with an\nunexpected length.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-10918"
},
{
"cve": "CVE-2024-12133",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12133](https://nvd.nist.gov/vuln/detail/CVE-2024-12133)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12133"
},
{
"cve": "CVE-2025-27113",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-27113](https://nvd.nist.gov/vuln/detail/CVE-2025-27113)",
"title": "Details"
},
{
"category": "description",
"text": "libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-27113"
},
{
"cve": "CVE-2024-25062",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-25062](https://nvd.nist.gov/vuln/detail/CVE-2024-25062)",
"title": "Details"
},
{
"category": "description",
"text": "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-25062"
},
{
"cve": "CVE-2024-5742",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"notes": [
{
"category": "summary",
"text": "Nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file"
},
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-5742](https://nvd.nist.gov/vuln/detail/CVE-2024-5742)",
"title": "Details"
},
{
"category": "description",
"text": "A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.7,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 4.7,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-5742"
},
{
"cve": "CVE-2025-26466",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-26466](https://nvd.nist.gov/vuln/detail/CVE-2025-26466)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-26466"
},
{
"cve": "CVE-2025-26465",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-26465](https://nvd.nist.gov/vuln/detail/CVE-2025-26465)",
"title": "Details"
},
{
"category": "description",
"text": "A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client\u0027s memory resource first, turning the attack complexity high.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.8,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-26465"
},
{
"cve": "CVE-2024-6119",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-6119](https://nvd.nist.gov/vuln/detail/CVE-2024-6119)",
"title": "Details"
},
{
"category": "description",
"text": "Issue summary: Applications performing certificate name checks (e.g., TLS\nclients checking server certificates) may attempt to read an invalid memory\naddress resulting in abnormal termination of the application process.\n\nImpact summary: Abnormal termination of an application can a cause a denial of\nservice.\n\nApplications performing certificate name checks (e.g., TLS clients checking\nserver certificates) may attempt to read an invalid memory address when\ncomparing the expected name with an `otherName` subject alternative name of an\nX.509 certificate. This may result in an exception that terminates the\napplication program.\n\nNote that basic certificate chain validation (signatures, dates, ...) is not\naffected, the denial of service can occur only when the application also\nspecifies an expected DNS name, Email address or IP address.\n\nTLS servers rarely solicit client certificates, and even when they do, they\ngenerally don\u0027t perform a name check against a reference identifier (expected\nidentity), but rather extract the presented identity after checking the\ncertificate chain. So TLS servers are generally not affected and the severity\nof the issue is Moderate.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-9143",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-9143](https://nvd.nist.gov/vuln/detail/CVE-2024-9143)",
"title": "Details"
},
{
"category": "description",
"text": "Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted\nexplicit values for the field polynomial can lead to out-of-bounds memory reads\nor writes.\n\nImpact summary: Out of bound memory writes can lead to an application crash or\neven a possibility of a remote code execution, however, in all the protocols\ninvolving Elliptic Curve Cryptography that we\u0027re aware of, either only \"named\ncurves\" are supported, or, if explicit curve parameters are supported, they\nspecify an X9.62 encoding of binary (GF(2^m)) curves that can\u0027t represent\nproblematic input values. Thus the likelihood of existence of a vulnerable\napplication is low.\n\nIn particular, the X9.62 encoding is used for ECC keys in X.509 certificates,\nso problematic inputs cannot occur in the context of processing X.509\ncertificates. Any problematic use-cases would have to be using an \"exotic\"\ncurve encoding.\n\nThe affected APIs include: EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(),\nand various supporting BN_GF2m_*() functions.\n\nApplications working with \"exotic\" explicit binary (GF(2^m)) curve parameters,\nthat make it possible to represent invalid field polynomials with a zero\nconstant term, via the above or similar APIs, may terminate abruptly as a\nresult of reading or writing outside of array bounds. Remote code execution\ncannot easily be ruled out.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-9143"
},
{
"cve": "CVE-2024-5535",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "SSL_select_next_proto buffer overread"
},
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-5535](https://nvd.nist.gov/vuln/detail/CVE-2024-5535)",
"title": "Details"
},
{
"category": "description",
"text": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an\nempty supported client protocols buffer may cause a crash or memory contents to\nbe sent to the peer.\n\nImpact summary: A buffer overread can have a range of potential consequences\nsuch as unexpected application beahviour or a crash. In particular this issue\ncould result in up to 255 bytes of arbitrary private data from memory being sent\nto the peer leading to a loss of confidentiality. However, only applications\nthat directly call the SSL_select_next_proto function with a 0 length list of\nsupported client protocols are affected by this issue. This would normally never\nbe a valid scenario and is typically not under attacker control but may occur by\naccident in the case of a configuration or programming error in the calling\napplication.\n\nThe OpenSSL API function SSL_select_next_proto is typically used by TLS\napplications that support ALPN (Application Layer Protocol Negotiation) or NPN\n(Next Protocol Negotiation). NPN is older, was never standardised and\nis deprecated in favour of ALPN. We believe that ALPN is significantly more\nwidely deployed than NPN. The SSL_select_next_proto function accepts a list of\nprotocols from the server and a list of protocols from the client and returns\nthe first protocol that appears in the server list that also appears in the\nclient list. In the case of no overlap between the two lists it returns the\nfirst item in the client list. In either case it will signal whether an overlap\nbetween the two lists was found. In the case where SSL_select_next_proto is\ncalled with a zero length client list it fails to notice this condition and\nreturns the memory immediately following the client list pointer (and reports\nthat there was no overlap in the lists).\n\nThis function is typically called from a server side application callback for\nALPN or a client side application callback for NPN. In the case of ALPN the list\nof protocols supplied by the client is guaranteed by libssl to never be zero in\nlength. The list of server protocols comes from the application and should never\nnormally be expected to be of zero length. In this case if the\nSSL_select_next_proto function has been called as expected (with the list\nsupplied by the client passed in the client/client_len parameters), then the\napplication will not be vulnerable to this issue. If the application has\naccidentally been configured with a zero length server list, and has\naccidentally passed that zero length server list in the client/client_len\nparameters, and has additionally failed to correctly handle a \"no overlap\"\nresponse (which would normally result in a handshake failure in ALPN) then it\nwill be vulnerable to this problem.\n\nIn the case of NPN, the protocol permits the client to opportunistically select\na protocol when there is no overlap. OpenSSL returns the first client protocol\nin the no overlap case in support of this. The list of client protocols comes\nfrom the application and should never normally be expected to be of zero length.\nHowever if the SSL_select_next_proto function is accidentally called with a\nclient_len of 0 then an invalid memory pointer will be returned instead. If the\napplication uses this output as the opportunistic protocol then the loss of\nconfidentiality will occur.\n\nThis issue has been assessed as Low severity because applications are most\nlikely to be vulnerable if they are using NPN instead of ALPN - but NPN is not\nwidely used. It also requires an application configuration or programming error.\nFinally, this issue would not typically be under attacker control making active\nexploitation unlikely.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.\n\nDue to the low severity of this issue we are not issuing new releases of\nOpenSSL at this time. The fix will be included in the next releases when they\nbecome available.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.1,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.1,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-28882",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-28882](https://nvd.nist.gov/vuln/detail/CVE-2024-28882)",
"title": "Details"
},
{
"category": "description",
"text": "OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-28882"
},
{
"cve": "CVE-2024-5594",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-5594](https://nvd.nist.gov/vuln/detail/CVE-2024-5594)",
"title": "Details"
},
{
"category": "description",
"text": "OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.1,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.1,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-5594"
},
{
"cve": "CVE-2019-20633",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2019-20633](https://nvd.nist.gov/vuln/detail/CVE-2019-20633)",
"title": "Details"
},
{
"category": "description",
"text": "GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 4.3,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2019-20633"
},
{
"cve": "CVE-2019-13638",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2019-13638](https://nvd.nist.gov/vuln/detail/CVE-2019-13638)",
"title": "Details"
},
{
"category": "description",
"text": "GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 9.3,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2019-13638"
},
{
"cve": "CVE-2019-13636",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2019-13636](https://nvd.nist.gov/vuln/detail/CVE-2019-13636)",
"title": "Details"
},
{
"category": "description",
"text": "In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 5.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2019-13636"
},
{
"cve": "CVE-2018-1000156",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-1000156](https://nvd.nist.gov/vuln/detail/CVE-2018-1000156)",
"title": "Details"
},
{
"category": "description",
"text": "GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD\u0027s CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 6.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-1000156"
},
{
"cve": "CVE-2018-20969",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-20969](https://nvd.nist.gov/vuln/detail/CVE-2018-20969)",
"title": "Details"
},
{
"category": "description",
"text": "do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 9.3,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-20969"
},
{
"cve": "CVE-2018-6951",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-6951](https://nvd.nist.gov/vuln/detail/CVE-2018-6951)",
"title": "Details"
},
{
"category": "description",
"text": "An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a \"mangled rename\" issue.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-6951"
},
{
"cve": "CVE-2018-6952",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-6952](https://nvd.nist.gov/vuln/detail/CVE-2018-6952)",
"title": "Details"
},
{
"category": "description",
"text": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-6952"
},
{
"cve": "CVE-2024-9341",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-9341](https://nvd.nist.gov/vuln/detail/CVE-2024-9341)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.2,
"environmentalSeverity": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 8.2,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-9341"
},
{
"cve": "CVE-2023-27043",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2023-27043](https://nvd.nist.gov/vuln/detail/CVE-2023-27043)",
"title": "Details"
},
{
"category": "description",
"text": "The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2023-27043"
},
{
"cve": "CVE-2024-9287",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-9287](https://nvd.nist.gov/vuln/detail/CVE-2024-9287)",
"title": "Details"
},
{
"category": "description",
"text": "A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment \"activation\" scripts (ie \"source venv/bin/activate\"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren\u0027t activated before being used (ie \"./venv/bin/python\") are not affected.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-9287"
},
{
"cve": "CVE-2024-6232",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-6232](https://nvd.nist.gov/vuln/detail/CVE-2024-6232)",
"title": "Details"
},
{
"category": "description",
"text": "There is a MEDIUM severity vulnerability affecting CPython.\n\n\n\n\n\nRegular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-6232"
},
{
"cve": "CVE-2024-6345",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Remote Code Execution in pypa/setuptools"
},
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-6345](https://nvd.nist.gov/vuln/detail/CVE-2024-6345)",
"title": "Details"
},
{
"category": "description",
"text": "A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-6345"
},
{
"cve": "CVE-2024-12084",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12084](https://nvd.nist.gov/vuln/detail/CVE-2024-12084)",
"title": "Details"
},
{
"category": "description",
"text": "A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12084"
},
{
"cve": "CVE-2024-12085",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12085](https://nvd.nist.gov/vuln/detail/CVE-2024-12085)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12085"
},
{
"cve": "CVE-2024-12086",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12086](https://nvd.nist.gov/vuln/detail/CVE-2024-12086)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client\u0027s machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.1,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 6.1,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12086"
},
{
"cve": "CVE-2024-12087",
"cwe": {
"id": "CWE-35",
"name": "Path Traversal: \u0027.../...//\u0027"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12087](https://nvd.nist.gov/vuln/detail/CVE-2024-12087)",
"title": "Details"
},
{
"category": "description",
"text": "A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client\u0027s intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12087"
},
{
"cve": "CVE-2024-12088",
"cwe": {
"id": "CWE-35",
"name": "Path Traversal: \u0027.../...//\u0027"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12088](https://nvd.nist.gov/vuln/detail/CVE-2024-12088)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12088"
},
{
"cve": "CVE-2024-12747",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12747](https://nvd.nist.gov/vuln/detail/CVE-2024-12747)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in rsync. This vulnerability arises from a race condition during rsync\u0027s handling of symbolic links. Rsync\u0027s default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 5.6,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"temporalScore": 5.6,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12747"
},
{
"cve": "CVE-2022-0530",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2022-0530](https://nvd.nist.gov/vuln/detail/CVE-2022-0530)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 4.3,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2022-0530"
},
{
"cve": "CVE-2022-0529",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2022-0529](https://nvd.nist.gov/vuln/detail/CVE-2022-0529)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 4.3,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2022-0529"
},
{
"cve": "CVE-2021-4217",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2021-4217](https://nvd.nist.gov/vuln/detail/CVE-2021-4217)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"environmentalScore": 3.3,
"environmentalSeverity": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 3.3,
"temporalSeverity": "LOW",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2021-4217"
},
{
"cve": "CVE-2018-1000035",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-1000035](https://nvd.nist.gov/vuln/detail/CVE-2018-1000035)",
"title": "Details"
},
{
"category": "description",
"text": "A heap-based buffer overflow exists in Info-Zip UnZip version \u003c= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 6.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-1000035"
},
{
"cve": "CVE-2018-18384",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-18384](https://nvd.nist.gov/vuln/detail/CVE-2018-18384)",
"title": "Details"
},
{
"category": "description",
"text": "Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 4.3,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-18384"
},
{
"cve": "CVE-2016-9844",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2016-9844](https://nvd.nist.gov/vuln/detail/CVE-2016-9844)",
"title": "Details"
},
{
"category": "description",
"text": "Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via a large compression method value in the central directory file header.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 4,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 2.1,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2016-9844"
},
{
"cve": "CVE-2019-13232",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2019-13232](https://nvd.nist.gov/vuln/detail/CVE-2019-13232)",
"title": "Details"
},
{
"category": "description",
"text": "Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a \"better zip bomb\" issue.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"environmentalScore": 3.3,
"environmentalSeverity": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 3.3,
"temporalSeverity": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 2.1,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2019-13232"
},
{
"cve": "CVE-2015-7696",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2015-7696](https://nvd.nist.gov/vuln/detail/CVE-2015-7696)",
"title": "Details"
},
{
"category": "description",
"text": "Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"environmentalScore": 6.8,
"integrityImpact": "PARTIAL",
"temporalScore": 6.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2015-7696"
},
{
"cve": "CVE-2015-7697",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2015-7697](https://nvd.nist.gov/vuln/detail/CVE-2015-7697)",
"title": "Details"
},
{
"category": "description",
"text": "Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 4.3,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2015-7697"
},
{
"cve": "CVE-2024-38428",
"cwe": {
"id": "CWE-436",
"name": "Interpretation Conflict"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-38428](https://nvd.nist.gov/vuln/detail/CVE-2024-38428)",
"title": "Details"
},
{
"category": "description",
"text": "url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.1,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.1,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-38428"
},
{
"cve": "CVE-2024-10524",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-10524](https://nvd.nist.gov/vuln/detail/CVE-2024-10524)",
"title": "Details"
},
{
"category": "description",
"text": "Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-10524"
}
]
}
WID-SEC-W-2024-2040
Vulnerability from csaf_certbund - Published: 2024-09-03 22:00 - Updated: 2026-05-05 22:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source OpenSSL <3.0
Open Source / OpenSSL
|
<3.0 | ||
|
Open Source OpenSSL <3.3
Open Source / OpenSSL
|
<3.3 | ||
|
Open Source OpenSSL <3.2
Open Source / OpenSSL
|
<3.2 | ||
|
Open Source OpenSSL <3.1
Open Source / OpenSSL
|
<3.1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Tenable Security Nessus <10.8.3
Tenable Security / Nessus
|
<10.8.3 | ||
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
IBM Integration Bus for zos
IBM / Integration Bus
|
cpe:/a:ibm:integration_bus:for_zos
|
for zos | |
|
IBM Storage Scale <6.2.2.0
IBM / Storage Scale
|
<6.2.2.0 | ||
|
IBM Storage Scale <6.1.9.5
IBM / Storage Scale
|
<6.1.9.5 | ||
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
IBM SAN Volume Controller
IBM
|
cpe:/a:ibm:san_volume_controller:-
|
— | |
|
Progress Software WS_FTP Server <2025 (10.0)
Progress Software / WS_FTP
|
Server <2025 (10.0) | ||
|
IBM Rational Build Forge <8.0.0.27
IBM / Rational Build Forge
|
<8.0.0.27 | ||
|
Red Hat OpenShift Container Platform <4.17.8
Red Hat / OpenShift
|
Container Platform <4.17.8 | ||
|
Siemens SIMATIC S7 1500 CPU
Siemens / SIMATIC S7
|
cpe:/h:siemens:simatic_s7:1500_cpu
|
1500 CPU | |
|
NetApp Data ONTAP 9
NetApp / Data ONTAP
|
cpe:/a:netapp:data_ontap:9
|
9 | |
|
Tenable Security Nessus Network Monitor <6.5.0
Tenable Security / Nessus Network Monitor
|
<6.5.0 | ||
|
IBM AIX 7.2
IBM / AIX
|
cpe:/o:ibm:aix:7.2
|
7.2 | |
|
IBM VIOS 3.1
IBM / VIOS
|
cpe:/a:ibm:vios:3.1
|
3.1 | |
|
Open Source OpenSSL <0.9.7
Open Source / OpenSSL
|
<0.9.7 | ||
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
Open Source OpenSSL <0.9.6
Open Source / OpenSSL
|
<0.9.6 | ||
|
Securepoint UTM <12.7.3
Securepoint / UTM
|
<12.7.3 | ||
|
Open Source OpenSSL <1.0.2
Open Source / OpenSSL
|
<1.0.2 | ||
|
Open Source OpenSSL <1.0.0
Open Source / OpenSSL
|
<1.0.0 | ||
|
Open Source OpenSSL <1.0.1
Open Source / OpenSSL
|
<1.0.1 | ||
|
Open Source OpenSSL <0.9.8
Open Source / OpenSSL
|
<0.9.8 | ||
|
Open Source OpenSSL <1.1.1
Open Source / OpenSSL
|
<1.1.1 | ||
|
Open Source OpenSSL <1.1.0
Open Source / OpenSSL
|
<1.1.0 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
IBM Spectrum Protect Plus
IBM
|
cpe:/a:ibm:spectrum_protect_plus:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Rational ClearCase <11.0.0.3
IBM / Rational ClearCase
|
<11.0.0.3 | ||
|
IBM Rational ClearCase <10.0.1.3
IBM / Rational ClearCase
|
<10.0.1.3 | ||
|
IBM Rational ClearQuest <Fix Pack 8 (9.1.0.8) for 9.1
IBM / Rational ClearQuest
|
<Fix Pack 8 (9.1.0.8) for 9.1 | ||
|
IBM Rational ClearCase <9.1.0.8
IBM / Rational ClearCase
|
<9.1.0.8 | ||
|
IBM Rational ClearQuest <10.0.7
IBM / Rational ClearQuest
|
<10.0.7 | ||
|
IBM Security Verify Access <10.0.9.1
IBM / Security Verify Access
|
<10.0.9.1 | ||
|
Red Hat OpenShift Logging Subsystem 5.9.7
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:logging_subsystem_5.9.7
|
Logging Subsystem 5.9.7 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
Juniper Junos Space <24.1R2
Juniper / Junos Space
|
<24.1R2 | ||
|
HPE HP-UX OpenSSL Software <A.03.00.15.001
HPE / HP-UX
|
OpenSSL Software <A.03.00.15.001 | ||
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
SolarWinds Platform <2025.1
SolarWinds / Platform
|
<2025.1 | ||
|
IBM FlashSystem
IBM
|
cpe:/a:ibm:flashsystem:-
|
— | |
|
Dell PowerScale OneFS <13.2.3
Dell / PowerScale OneFS
|
<13.2.3 | ||
|
Tenable Security Nessus Agent <10.7.2
Tenable Security / Nessus
|
Agent <10.7.2 | ||
|
Tenable Security Nessus <10.7.6
Tenable Security / Nessus
|
<10.7.6 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Insyde UEFI Firmware <RV23.08.1
Insyde / UEFI Firmware
|
<RV23.08.1 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Insyde UEFI Firmware <RV24.06.3
Insyde / UEFI Firmware
|
<RV24.06.3 | ||
|
HPE NonStop Server
HPE
|
cpe:/h:hp:nonstop_server:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "OpenSSL ist eine im Quelltext frei verf\u00fcgbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSL ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-2040 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-2040.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-2040 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2040"
},
{
"category": "external",
"summary": "OpenSSL Vulnerabilities Library vom 2024-09-03",
"url": "https://openssl-library.org/news/vulnerabilities/"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2024-09-03",
"url": "https://seclists.org/oss-sec/2024/q3/240"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3105-1 vom 2024-09-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019361.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3106-1 vom 2024-09-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019360.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3107-1 vom 2024-09-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019359.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5764 vom 2024-09-03",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00177.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6986-1 vom 2024-09-03",
"url": "https://ubuntu.com/security/notices/USN-6986-1"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FREEBSD-SA-24:13.OPENSSL vom 2024-09-05",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-24:13.openssl.asc"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-5CD6011CF7 vom 2024-09-08",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-5cd6011cf7"
},
{
"category": "external",
"summary": "Tenable Security Advisory TNS-2024-16 vom 2024-09-11",
"url": "https://de.tenable.com/security/tns-2024-16"
},
{
"category": "external",
"summary": "Tenable Security Advisory TNS-2024-15 vom 2024-09-11",
"url": "https://de.tenable.com/security/tns-2024-15"
},
{
"category": "external",
"summary": "Tenable Security Advisory TNS-2024-14 vom 2024-09-11",
"url": "https://de.tenable.com/security/tns-2024-14"
},
{
"category": "external",
"summary": "SecurePoint UTM Changelog vom 2024-09-12",
"url": "https://wiki.securepoint.de/UTM/Changelog"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20240912-0001 vom 2024-09-12",
"url": "https://security.netapp.com/advisory/ntap-20240912-0001/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2024:14317-1 vom 2024-09-17",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/72HQXYTYRYSUESQTFLZVCSPGKFEDEBGR/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2024:14317-1 vom 2024-09-17",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/72HQXYTYRYSUESQTFLZVCSPGKFEDEBGR/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6783 vom 2024-09-18",
"url": "https://access.redhat.com/errata/RHSA-2024:6783"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-6783 vom 2024-09-19",
"url": "https://linux.oracle.com/errata/ELSA-2024-6783.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12675 vom 2024-09-20",
"url": "https://linux.oracle.com/errata/ELSA-2024-12675.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12683 vom 2024-09-23",
"url": "https://linux.oracle.com/errata/ELSA-2024-12683.html"
},
{
"category": "external",
"summary": "Tenable Security Advisory TNS-2024-17 vom 2024-09-24",
"url": "https://de.tenable.com/security/tns-2024-17"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:6783 vom 2024-09-30",
"url": "https://errata.build.resf.org/RLSA-2024:6783"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7171811 vom 2024-09-30",
"url": "https://aix.software.ibm.com/aix/efixes/security/openssl_advisory43.asc"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7324 vom 2024-10-02",
"url": "https://access.redhat.com/errata/RHSA-2024:7324"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7744 vom 2024-10-07",
"url": "https://access.redhat.com/errata/RHSA-2024:7744"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7599 vom 2024-10-09",
"url": "https://access.redhat.com/errata/RHSA-2024:7599"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7173018 vom 2024-10-14",
"url": "https://www.ibm.com/support/pages/node/7173018"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8113 vom 2024-10-15",
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8315 vom 2024-10-23",
"url": "https://access.redhat.com/errata/RHSA-2024:8315"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8317 vom 2024-10-23",
"url": "https://access.redhat.com/errata/RHSA-2024:8317"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8314 vom 2024-10-23",
"url": "https://access.redhat.com/errata/RHSA-2024:8314"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8935 vom 2024-11-06",
"url": "https://access.redhat.com/errata/RHSA-2024:8935"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-8935 vom 2024-11-06",
"url": "https://linux.oracle.com/errata/ELSA-2024-8935.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:8935 vom 2024-11-08",
"url": "https://errata.build.resf.org/RLSA-2024:8935"
},
{
"category": "external",
"summary": "Insyde Security Advisory INSYDE-SA-2024012 vom 2024-11-12",
"url": "https://www.insyde.com/security-pledge/SA-2024012"
},
{
"category": "external",
"summary": "HPE Security Bulletin vom 2024-11-14",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04744en_us\u0026docLocale=en_US"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10135 vom 2024-11-21",
"url": "https://access.redhat.com/errata/RHSA-2024:10135"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7176905 vom 2024-12-04",
"url": "https://www.ibm.com/support/pages/node/7176905"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10857 vom 2024-12-05",
"url": "https://access.redhat.com/errata/RHSA-2024:10857"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7178242 vom 2024-12-09",
"url": "https://www.ibm.com/support/pages/node/7178242"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10818 vom 2024-12-11",
"url": "https://access.redhat.com/errata/RHSA-2024:10818"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7179045 vom 2024-12-16",
"url": "https://www.ibm.com/support/pages/node/7179045"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2024-150 vom 2024-12-17",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-150/index.html"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA92874 vom 2024-01-09",
"url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R2-release"
},
{
"category": "external",
"summary": "SolarWinds Platform 2025.1 release notes vom 2025-02-11",
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2025-1_release_notes.htm"
},
{
"category": "external",
"summary": "F5 Security Advisory K000149304 vom 2025-02-19",
"url": "https://my.f5.com/manage/s/article/K000149304"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7182395 vom 2025-03-04",
"url": "https://www.ibm.com/support/pages/node/7182395"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7185261 vom 2025-03-10",
"url": "https://www.ibm.com/support/pages/node/7185261"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7229443 vom 2025-03-28",
"url": "https://www.ibm.com/support/pages/node/7229443"
},
{
"category": "external",
"summary": "Juniper Security Bulletin",
"url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R2-release?language=en_US"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1516-1 vom 2025-05-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020811.html"
},
{
"category": "external",
"summary": "HPE Security Advisory vom 2025-05-22",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbns04859en_us\u0026docLocale=en_US"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20014-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021360.html"
},
{
"category": "external",
"summary": "Siemens Security Advisory SSA-082556 vom 2025-06-10",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7237440 vom 2025-06-21",
"url": "https://www.ibm.com/support/pages/node/7237440"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7237155 vom 2025-06-26",
"url": "https://www.ibm.com/support/pages/node/7237155"
},
{
"category": "external",
"summary": "Progress Article vom 2024-12-23",
"url": "https://community.progress.com/s/article/ka7Pb000001NOYvIAO"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7256201 vom 2026-01-05",
"url": "https://www.ibm.com/support/pages/node/7256201"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2026-127 vom 2026-05-06",
"url": "https://www.dell.com/support/kbdoc/de-de/000461405/dsa-2026-127-security-update-for-dell-powerscale-onefs-multiple-third-party-component-vulnerabilities"
}
],
"source_lang": "en-US",
"title": "OpenSSL: Schwachstelle erm\u00f6glicht Denial of Service",
"tracking": {
"current_release_date": "2026-05-05T22:00:00.000+00:00",
"generator": {
"date": "2026-05-06T09:11:37.073+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2024-2040",
"initial_release_date": "2024-09-03T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-09-03T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-09-04T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von FreeBSD aufgenommen"
},
{
"date": "2024-09-08T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-09-11T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Tenable aufgenommen"
},
{
"date": "2024-09-12T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2024-09-17T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2024-09-18T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-09-19T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-09-23T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-09-24T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Tenable aufgenommen"
},
{
"date": "2024-09-30T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Rocky Enterprise Software Foundation und IBM aufgenommen"
},
{
"date": "2024-10-03T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-07T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-08T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-13T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-10-14T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-23T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-05T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-06T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-11-10T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2024-11-12T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Insyde aufgenommen"
},
{
"date": "2024-11-14T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2024-11-20T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-04T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-12-05T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-09T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-12-10T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-16T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-12-17T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2025-01-08T23:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2025-02-10T23:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-02-19T23:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von F5 aufgenommen"
},
{
"date": "2025-03-04T23:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-03-10T23:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-03-30T22:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-04-10T22:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-05-08T22:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-05-22T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2025-06-04T22:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-10T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von Siemens aufgenommen"
},
{
"date": "2025-06-22T22:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-06-26T22:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-12-22T23:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2026-01-04T23:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-05-05T22:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von Dell aufgenommen"
}
],
"status": "final",
"version": "45"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c13.2.3",
"product": {
"name": "Dell PowerScale OneFS \u003c13.2.3",
"product_id": "T053573"
}
},
{
"category": "product_version",
"name": "13.2.3",
"product": {
"name": "Dell PowerScale OneFS 13.2.3",
"product_id": "T053573-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerscale_onefs:13.2.3"
}
}
}
],
"category": "product_name",
"name": "PowerScale OneFS"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "FreeBSD Project FreeBSD OS",
"product": {
"name": "FreeBSD Project FreeBSD OS",
"product_id": "4035",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:-"
}
}
}
],
"category": "vendor",
"name": "FreeBSD Project"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "OpenSSL Software \u003cA.03.00.15.001",
"product": {
"name": "HPE HP-UX OpenSSL Software \u003cA.03.00.15.001",
"product_id": "T039192"
}
},
{
"category": "product_version",
"name": "OpenSSL Software A.03.00.15.001",
"product": {
"name": "HPE HP-UX OpenSSL Software A.03.00.15.001",
"product_id": "T039192-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:hp:hp-ux:openssl_software__a.03.00.15.001"
}
}
}
],
"category": "product_name",
"name": "HP-UX"
},
{
"category": "product_name",
"name": "HPE NonStop Server",
"product": {
"name": "HPE NonStop Server",
"product_id": "4918",
"product_identification_helper": {
"cpe": "cpe:/h:hp:nonstop_server:-"
}
}
}
],
"category": "vendor",
"name": "HPE"
},
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Ops Center",
"product": {
"name": "Hitachi Ops Center",
"product_id": "T038840",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:-"
}
}
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.3",
"product": {
"name": "IBM AIX 7.3",
"product_id": "1139691",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.3"
}
}
},
{
"category": "product_version",
"name": "7.2",
"product": {
"name": "IBM AIX 7.2",
"product_id": "434967",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.2"
}
}
}
],
"category": "product_name",
"name": "AIX"
},
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T032495",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "on Cloud Pak for Data",
"product": {
"name": "IBM DB2 on Cloud Pak for Data",
"product_id": "T042208",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:on_cloud_pak_for_data"
}
}
}
],
"category": "product_name",
"name": "DB2"
},
{
"category": "product_name",
"name": "IBM FlashSystem",
"product": {
"name": "IBM FlashSystem",
"product_id": "T025159",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:flashsystem:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "11.7",
"product": {
"name": "IBM InfoSphere Information Server 11.7",
"product_id": "444803",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:11.7"
}
}
}
],
"category": "product_name",
"name": "InfoSphere Information Server"
},
{
"branches": [
{
"category": "product_version",
"name": "for zos",
"product": {
"name": "IBM Integration Bus for zos",
"product_id": "T039654",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:integration_bus:for_zos"
}
}
}
],
"category": "product_name",
"name": "Integration Bus"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.0.0.27",
"product": {
"name": "IBM Rational Build Forge \u003c8.0.0.27",
"product_id": "T038286"
}
},
{
"category": "product_version",
"name": "8.0.0.27",
"product": {
"name": "IBM Rational Build Forge 8.0.0.27",
"product_id": "T038286-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_build_forge:8.0.0.27"
}
}
}
],
"category": "product_name",
"name": "Rational Build Forge"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.1.0.8",
"product": {
"name": "IBM Rational ClearCase \u003c9.1.0.8",
"product_id": "T041577"
}
},
{
"category": "product_version",
"name": "9.1.0.8",
"product": {
"name": "IBM Rational ClearCase 9.1.0.8",
"product_id": "T041577-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_clearcase:9.1.0.8"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.1.3",
"product": {
"name": "IBM Rational ClearCase \u003c10.0.1.3",
"product_id": "T041578"
}
},
{
"category": "product_version",
"name": "10.0.1.3",
"product": {
"name": "IBM Rational ClearCase 10.0.1.3",
"product_id": "T041578-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_clearcase:10.0.1.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.0.3",
"product": {
"name": "IBM Rational ClearCase \u003c11.0.0.3",
"product_id": "T041579"
}
},
{
"category": "product_version",
"name": "11.0.0.3",
"product": {
"name": "IBM Rational ClearCase 11.0.0.3",
"product_id": "T041579-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_clearcase:11.0.0.3"
}
}
}
],
"category": "product_name",
"name": "Rational ClearCase"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.7",
"product": {
"name": "IBM Rational ClearQuest \u003c10.0.7",
"product_id": "T041698"
}
},
{
"category": "product_version",
"name": "10.0.7",
"product": {
"name": "IBM Rational ClearQuest 10.0.7",
"product_id": "T041698-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_clearquest:10.0.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003cFix Pack 8 (9.1.0.8) for 9.1",
"product": {
"name": "IBM Rational ClearQuest \u003cFix Pack 8 (9.1.0.8) for 9.1",
"product_id": "T041699"
}
},
{
"category": "product_version",
"name": "Fix Pack 8 (9.1.0.8) for 9.1",
"product": {
"name": "IBM Rational ClearQuest Fix Pack 8 (9.1.0.8) for 9.1",
"product_id": "T041699-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_clearquest:fix_pack_8_%289.1.0.8%29_for_9.1"
}
}
}
],
"category": "product_name",
"name": "Rational ClearQuest"
},
{
"category": "product_name",
"name": "IBM SAN Volume Controller",
"product": {
"name": "IBM SAN Volume Controller",
"product_id": "T020642",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:san_volume_controller:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.9.1",
"product": {
"name": "IBM Security Verify Access \u003c10.0.9.1",
"product_id": "T049459"
}
},
{
"category": "product_version",
"name": "10.0.9.1",
"product": {
"name": "IBM Security Verify Access 10.0.9.1",
"product_id": "T049459-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_verify_access:v10.0.9.1"
}
}
}
],
"category": "product_name",
"name": "Security Verify Access"
},
{
"category": "product_name",
"name": "IBM Spectrum Protect Plus",
"product": {
"name": "IBM Spectrum Protect Plus",
"product_id": "T044769",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect_plus:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.1.9.5",
"product": {
"name": "IBM Storage Scale \u003c6.1.9.5",
"product_id": "T039851"
}
},
{
"category": "product_version",
"name": "6.1.9.5",
"product": {
"name": "IBM Storage Scale 6.1.9.5",
"product_id": "T039851-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_scale:6.1.9.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.2.2.0",
"product": {
"name": "IBM Storage Scale \u003c6.2.2.0",
"product_id": "T039852"
}
},
{
"category": "product_version",
"name": "6.2.2.0",
"product": {
"name": "IBM Storage Scale 6.2.2.0",
"product_id": "T039852-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_scale:6.2.2.0"
}
}
}
],
"category": "product_name",
"name": "Storage Scale"
},
{
"branches": [
{
"category": "product_version",
"name": "3.1",
"product": {
"name": "IBM VIOS 3.1",
"product_id": "1039165",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:vios:3.1"
}
}
},
{
"category": "product_version",
"name": "4.1",
"product": {
"name": "IBM VIOS 4.1",
"product_id": "1522854",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:vios:4.1"
}
}
}
],
"category": "product_name",
"name": "VIOS"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cRV24.06.3",
"product": {
"name": "Insyde UEFI Firmware \u003cRV24.06.3",
"product_id": "T038993"
}
},
{
"category": "product_version",
"name": "RV24.06.3",
"product": {
"name": "Insyde UEFI Firmware RV24.06.3",
"product_id": "T038993-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:insyde:uefi:rv24.06.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003cRV23.08.1",
"product": {
"name": "Insyde UEFI Firmware \u003cRV23.08.1",
"product_id": "T038994"
}
},
{
"category": "product_version",
"name": "RV23.08.1",
"product": {
"name": "Insyde UEFI Firmware RV23.08.1",
"product_id": "T038994-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:insyde:uefi:rv23.08.1"
}
}
}
],
"category": "product_name",
"name": "UEFI Firmware"
}
],
"category": "vendor",
"name": "Insyde"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c24.1R2",
"product": {
"name": "Juniper Junos Space \u003c24.1R2",
"product_id": "T040074"
}
},
{
"category": "product_version",
"name": "24.1R2",
"product": {
"name": "Juniper Junos Space 24.1R2",
"product_id": "T040074-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:24.1r2"
}
}
}
],
"category": "product_name",
"name": "Junos Space"
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9",
"product": {
"name": "NetApp Data ONTAP 9",
"product_id": "T027038",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:data_ontap:9"
}
}
}
],
"category": "product_name",
"name": "Data ONTAP"
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c3.3",
"product": {
"name": "Open Source OpenSSL \u003c3.3",
"product_id": "T037236"
}
},
{
"category": "product_version",
"name": "3.3",
"product": {
"name": "Open Source OpenSSL 3.3",
"product_id": "T037236-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:3.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c3.2",
"product": {
"name": "Open Source OpenSSL \u003c3.2",
"product_id": "T037237"
}
},
{
"category": "product_version",
"name": "3.2",
"product": {
"name": "Open Source OpenSSL 3.2",
"product_id": "T037237-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:3.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c3.1",
"product": {
"name": "Open Source OpenSSL \u003c3.1",
"product_id": "T037238"
}
},
{
"category": "product_version",
"name": "3.1",
"product": {
"name": "Open Source OpenSSL 3.1",
"product_id": "T037238-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:3.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c3.0",
"product": {
"name": "Open Source OpenSSL \u003c3.0",
"product_id": "T037239"
}
},
{
"category": "product_version",
"name": "3",
"product": {
"name": "Open Source OpenSSL 3.0",
"product_id": "T037239-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:3.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.1.1",
"product": {
"name": "Open Source OpenSSL \u003c1.1.1",
"product_id": "T037240"
}
},
{
"category": "product_version",
"name": "1.1.1",
"product": {
"name": "Open Source OpenSSL 1.1.1",
"product_id": "T037240-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:1.1.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.1.0",
"product": {
"name": "Open Source OpenSSL \u003c1.1.0",
"product_id": "T037241"
}
},
{
"category": "product_version",
"name": "1.1.0",
"product": {
"name": "Open Source OpenSSL 1.1.0",
"product_id": "T037241-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:1.1.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.0.2",
"product": {
"name": "Open Source OpenSSL \u003c1.0.2",
"product_id": "T037242"
}
},
{
"category": "product_version",
"name": "1.0.2",
"product": {
"name": "Open Source OpenSSL 1.0.2",
"product_id": "T037242-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:1.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.0.0",
"product": {
"name": "Open Source OpenSSL \u003c1.0.0",
"product_id": "T037243"
}
},
{
"category": "product_version",
"name": "1.0.0",
"product": {
"name": "Open Source OpenSSL 1.0.0",
"product_id": "T037243-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:1.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.0.1",
"product": {
"name": "Open Source OpenSSL \u003c1.0.1",
"product_id": "T037244"
}
},
{
"category": "product_version",
"name": "1.0.1",
"product": {
"name": "Open Source OpenSSL 1.0.1",
"product_id": "T037244-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:1.0.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c0.9.8",
"product": {
"name": "Open Source OpenSSL \u003c0.9.8",
"product_id": "T037245"
}
},
{
"category": "product_version",
"name": "0.9.8",
"product": {
"name": "Open Source OpenSSL 0.9.8",
"product_id": "T037245-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:0.9.8"
}
}
},
{
"category": "product_version_range",
"name": "\u003c0.9.7",
"product": {
"name": "Open Source OpenSSL \u003c0.9.7",
"product_id": "T037246"
}
},
{
"category": "product_version",
"name": "0.9.7",
"product": {
"name": "Open Source OpenSSL 0.9.7",
"product_id": "T037246-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:0.9.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c0.9.6",
"product": {
"name": "Open Source OpenSSL \u003c0.9.6",
"product_id": "T037247"
}
},
{
"category": "product_version",
"name": "0.9.6",
"product": {
"name": "Open Source OpenSSL 0.9.6",
"product_id": "T037247-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:0.9.6"
}
}
}
],
"category": "product_name",
"name": "OpenSSL"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Server \u003c2025 (10.0)",
"product": {
"name": "Progress Software WS_FTP Server \u003c2025 (10.0)",
"product_id": "T049627"
}
},
{
"category": "product_version",
"name": "Server 2025 (10.0)",
"product": {
"name": "Progress Software WS_FTP Server 2025 (10.0)",
"product_id": "T049627-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:progress:ws_ftp:server__2025_%2810.0%29"
}
}
}
],
"category": "product_name",
"name": "WS_FTP"
}
],
"category": "vendor",
"name": "Progress Software"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Logging Subsystem 5.9.7",
"product": {
"name": "Red Hat OpenShift Logging Subsystem 5.9.7",
"product_id": "T037939",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:logging_subsystem_5.9.7"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.17.8",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.17.8",
"product_id": "T039690"
}
},
{
"category": "product_version",
"name": "Container Platform 4.17.8",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17.8",
"product_id": "T039690-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.17.8"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.7.3",
"product": {
"name": "Securepoint UTM \u003c12.7.3",
"product_id": "T037600"
}
},
{
"category": "product_version",
"name": "12.7.3",
"product": {
"name": "Securepoint UTM 12.7.3",
"product_id": "T037600-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:securepoint:unified_threat_management:12.7.3"
}
}
}
],
"category": "product_name",
"name": "UTM"
}
],
"category": "vendor",
"name": "Securepoint"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1500 CPU",
"product": {
"name": "Siemens SIMATIC S7 1500 CPU",
"product_id": "T025776",
"product_identification_helper": {
"cpe": "cpe:/h:siemens:simatic_s7:1500_cpu"
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7"
}
],
"category": "vendor",
"name": "Siemens"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2025.1",
"product": {
"name": "SolarWinds Platform \u003c2025.1",
"product_id": "T040952"
}
},
{
"category": "product_version",
"name": "2025.1",
"product": {
"name": "SolarWinds Platform 2025.1",
"product_id": "T040952-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:solarwinds:orion_platform:2025.1"
}
}
}
],
"category": "product_name",
"name": "Platform"
}
],
"category": "vendor",
"name": "SolarWinds"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Agent \u003c10.7.2",
"product": {
"name": "Tenable Security Nessus Agent \u003c10.7.2",
"product_id": "T037548"
}
},
{
"category": "product_version",
"name": "Agent 10.7.2",
"product": {
"name": "Tenable Security Nessus Agent 10.7.2",
"product_id": "T037548-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus:agent__10.7.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.7.6",
"product": {
"name": "Tenable Security Nessus \u003c10.7.6",
"product_id": "T037549"
}
},
{
"category": "product_version",
"name": "10.7.6",
"product": {
"name": "Tenable Security Nessus 10.7.6",
"product_id": "T037549-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus:10.7.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.8.3",
"product": {
"name": "Tenable Security Nessus \u003c10.8.3",
"product_id": "T037550"
}
},
{
"category": "product_version",
"name": "10.8.3",
"product": {
"name": "Tenable Security Nessus 10.8.3",
"product_id": "T037550-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus:10.8.3"
}
}
}
],
"category": "product_name",
"name": "Nessus"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.5.0",
"product": {
"name": "Tenable Security Nessus Network Monitor \u003c6.5.0",
"product_id": "T037807"
}
},
{
"category": "product_version",
"name": "6.5.0",
"product": {
"name": "Tenable Security Nessus Network Monitor 6.5.0",
"product_id": "T037807-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus_network_monitor:6.5.0"
}
}
}
],
"category": "product_name",
"name": "Nessus Network Monitor"
}
],
"category": "vendor",
"name": "Tenable Security"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-6119",
"product_status": {
"known_affected": [
"T037239",
"T037236",
"T037237",
"T037238",
"T004914",
"T037550",
"T038840",
"T039654",
"T039852",
"T039851",
"1139691",
"T020642",
"T049627",
"T038286",
"T039690",
"T025776",
"T027038",
"T037807",
"434967",
"1039165",
"T037246",
"1522854",
"T037247",
"T037600",
"T037242",
"T037243",
"T037244",
"T037245",
"T037240",
"T037241",
"2951",
"T002207",
"444803",
"T044769",
"T027843",
"T041579",
"T041578",
"T041699",
"T041577",
"T041698",
"T049459",
"T037939",
"67646",
"4035",
"T042208",
"T040074",
"T039192",
"T001663",
"T040952",
"T025159",
"T053573",
"T037548",
"T037549",
"T032255",
"74185",
"T038994",
"T032495",
"T038993",
"4918",
"T000126"
]
},
"release_date": "2024-09-03T22:00:00.000+00:00",
"title": "CVE-2024-6119"
}
]
}
WID-SEC-W-2024-3201
Vulnerability from csaf_certbund - Published: 2024-10-15 22:00 - Updated: 2024-11-06 23:00In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "LOW" für "Integrity", sowie "HIGH" für "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=23.5
Oracle / Database Server
|
<=23.5 | ||
|
Oracle Database Server <=19.24
Oracle / Database Server
|
<=19.24 | ||
|
Oracle Database Server <=21.15
Oracle / Database Server
|
<=21.15 |
In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "LOW" für "Integrity", sowie "HIGH" für "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=23.5
Oracle / Database Server
|
<=23.5 | ||
|
Oracle Database Server <=19.24
Oracle / Database Server
|
<=19.24 | ||
|
Oracle Database Server <=21.15
Oracle / Database Server
|
<=21.15 |
In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "LOW" für "Integrity", sowie "HIGH" für "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=23.5
Oracle / Database Server
|
<=23.5 | ||
|
Oracle Database Server <=19.24
Oracle / Database Server
|
<=19.24 | ||
|
Oracle Database Server <=21.15
Oracle / Database Server
|
<=21.15 |
In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "LOW" für "Integrity", sowie "HIGH" für "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=23.5
Oracle / Database Server
|
<=23.5 | ||
|
Oracle Database Server <=19.24
Oracle / Database Server
|
<=19.24 | ||
|
Oracle Database Server <=21.15
Oracle / Database Server
|
<=21.15 |
In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "LOW" für "Integrity", sowie "HIGH" für "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=23.5
Oracle / Database Server
|
<=23.5 | ||
|
Oracle Database Server <=19.24
Oracle / Database Server
|
<=19.24 | ||
|
Oracle Database Server <=21.15
Oracle / Database Server
|
<=21.15 |
In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "LOW" für "Integrity", sowie "HIGH" für "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=23.5
Oracle / Database Server
|
<=23.5 | ||
|
Oracle Database Server <=19.24
Oracle / Database Server
|
<=19.24 | ||
|
Oracle Database Server <=21.15
Oracle / Database Server
|
<=21.15 |
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Oracle Datenbank ist ein weit verbreitetes relationales Datenbanksystem.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Database Server ausnutzen, um die Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Appliance\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3201 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3201.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3201 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3201"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - October 2024 - Appendix Oracle Database Server vom 2024-10-15",
"url": "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixDB"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-8935 vom 2024-11-06",
"url": "https://linux.oracle.com/errata/ELSA-2024-8935.html"
}
],
"source_lang": "en-US",
"title": "Oracle Database Server: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-11-06T23:00:00.000+00:00",
"generator": {
"date": "2024-11-07T10:38:42.834+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-3201",
"initial_release_date": "2024-10-15T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-10-15T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-11-06T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Oracle Linux aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=23.5",
"product": {
"name": "Oracle Database Server \u003c=23.5",
"product_id": "T038362"
}
},
{
"category": "product_version_range",
"name": "\u003c=23.5",
"product": {
"name": "Oracle Database Server \u003c=23.5",
"product_id": "T038362-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=19.24",
"product": {
"name": "Oracle Database Server \u003c=19.24",
"product_id": "T038363"
}
},
{
"category": "product_version_range",
"name": "\u003c=19.24",
"product": {
"name": "Oracle Database Server \u003c=19.24",
"product_id": "T038363-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=21.15",
"product": {
"name": "Oracle Database Server \u003c=21.15",
"product_id": "T038364"
}
},
{
"category": "product_version_range",
"name": "\u003c=21.15",
"product": {
"name": "Oracle Database Server \u003c=21.15",
"product_id": "T038364-fixed"
}
}
],
"category": "product_name",
"name": "Database Server"
},
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-21233",
"notes": [
{
"category": "description",
"text": "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"LOW\" f\u00fcr \"Integrity\", sowie \"HIGH\" f\u00fcr \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004914"
],
"last_affected": [
"T038362",
"T038363",
"T038364"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-21233"
},
{
"cve": "CVE-2024-21242",
"notes": [
{
"category": "description",
"text": "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"LOW\" f\u00fcr \"Integrity\", sowie \"HIGH\" f\u00fcr \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004914"
],
"last_affected": [
"T038362",
"T038363",
"T038364"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-21242"
},
{
"cve": "CVE-2024-21251",
"notes": [
{
"category": "description",
"text": "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"LOW\" f\u00fcr \"Integrity\", sowie \"HIGH\" f\u00fcr \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004914"
],
"last_affected": [
"T038362",
"T038363",
"T038364"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-21251"
},
{
"cve": "CVE-2024-29025",
"notes": [
{
"category": "description",
"text": "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"LOW\" f\u00fcr \"Integrity\", sowie \"HIGH\" f\u00fcr \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004914"
],
"last_affected": [
"T038362",
"T038363",
"T038364"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-29025"
},
{
"cve": "CVE-2024-6119",
"notes": [
{
"category": "description",
"text": "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"LOW\" f\u00fcr \"Integrity\", sowie \"HIGH\" f\u00fcr \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004914"
],
"last_affected": [
"T038362",
"T038363",
"T038364"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-7264",
"notes": [
{
"category": "description",
"text": "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"LOW\" f\u00fcr \"Integrity\", sowie \"HIGH\" f\u00fcr \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004914"
],
"last_affected": [
"T038362",
"T038363",
"T038364"
]
},
"release_date": "2024-10-15T22:00:00.000+00:00",
"title": "CVE-2024-7264"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.