Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2014-3577 (GCVE-0-2014-3577)
Vulnerability from cvelistv5 – Published: 2014-08-21 00:00 – Updated: 2024-08-06 10:50- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:50:17.592Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2014:1891",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1891.html"
},
{
"name": "RHSA-2015:0765",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/solutions/1165533"
},
{
"name": "110143",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.osvdb.org/110143"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "RHSA-2015:0675",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
},
{
"name": "60713",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/60713"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/127913/Apache-HttpComponents-Man-In-The-Middle.html"
},
{
"name": "RHSA-2015:0720",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
},
{
"name": "RHSA-2014:1166",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1166.html"
},
{
"name": "RHSA-2015:1888",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1888.html"
},
{
"name": "RHSA-2014:1833",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1833.html"
},
{
"name": "RHSA-2015:0850",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0850.html"
},
{
"name": "RHSA-2015:0158",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0158.html"
},
{
"name": "RHSA-2014:1834",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1834.html"
},
{
"name": "60466",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/60466"
},
{
"name": "RHSA-2015:0125",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0125.html"
},
{
"name": "RHSA-2015:1176",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1176.html"
},
{
"name": "RHSA-2016:1931",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1931.html"
},
{
"name": "RHSA-2014:1146",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1146.html"
},
{
"name": "RHSA-2015:1177",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1177.html"
},
{
"name": "69258",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69258"
},
{
"name": "RHSA-2014:1892",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1892.html"
},
{
"name": "RHSA-2015:0851",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0851.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564"
},
{
"name": "RHSA-2014:1835",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1835.html"
},
{
"name": "1030812",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030812"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05363782"
},
{
"name": "USN-2769-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2769-1"
},
{
"name": "60589",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/60589"
},
{
"name": "RHSA-2014:1836",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1836.html"
},
{
"name": "apache-cve20143577-spoofing(95327)",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95327"
},
{
"name": "20140818 CVE-2014-3577: Apache HttpComponents client: Hostname verification susceptible to MITM attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Aug/48"
},
{
"name": "RHSA-2016:1773",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1773.html"
},
{
"name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
},
{
"name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "openSUSE-SU-2020:1873",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html"
},
{
"name": "openSUSE-SU-2020:1875",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html"
},
{
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[oss-security] 20211006 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/10/06/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231027-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-08-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a \"CN=\" string in a field in the distinguished name (DN) of a certificate, as demonstrated by the \"foo,CN=www.apache.org\" string in the O field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-27T14:07:16.016Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2014:1891",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1891.html"
},
{
"name": "RHSA-2015:0765",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
},
{
"url": "https://access.redhat.com/solutions/1165533"
},
{
"name": "110143",
"tags": [
"vdb-entry"
],
"url": "http://www.osvdb.org/110143"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "RHSA-2015:0675",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
},
{
"name": "60713",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/60713"
},
{
"url": "http://packetstormsecurity.com/files/127913/Apache-HttpComponents-Man-In-The-Middle.html"
},
{
"name": "RHSA-2015:0720",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
},
{
"name": "RHSA-2014:1166",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1166.html"
},
{
"name": "RHSA-2015:1888",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1888.html"
},
{
"name": "RHSA-2014:1833",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1833.html"
},
{
"name": "RHSA-2015:0850",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0850.html"
},
{
"name": "RHSA-2015:0158",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0158.html"
},
{
"name": "RHSA-2014:1834",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1834.html"
},
{
"name": "60466",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/60466"
},
{
"name": "RHSA-2015:0125",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0125.html"
},
{
"name": "RHSA-2015:1176",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1176.html"
},
{
"name": "RHSA-2016:1931",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1931.html"
},
{
"name": "RHSA-2014:1146",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1146.html"
},
{
"name": "RHSA-2015:1177",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1177.html"
},
{
"name": "69258",
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/69258"
},
{
"name": "RHSA-2014:1892",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1892.html"
},
{
"name": "RHSA-2015:0851",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0851.html"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564"
},
{
"name": "RHSA-2014:1835",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1835.html"
},
{
"name": "1030812",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1030812"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05363782"
},
{
"name": "USN-2769-1",
"tags": [
"vendor-advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2769-1"
},
{
"name": "60589",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/60589"
},
{
"name": "RHSA-2014:1836",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1836.html"
},
{
"name": "apache-cve20143577-spoofing(95327)",
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95327"
},
{
"name": "20140818 CVE-2014-3577: Apache HttpComponents client: Hostname verification susceptible to MITM attack",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2014/Aug/48"
},
{
"name": "RHSA-2016:1773",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1773.html"
},
{
"name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
},
{
"name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "openSUSE-SU-2020:1873",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html"
},
{
"name": "openSUSE-SU-2020:1875",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html"
},
{
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[oss-security] 20211006 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/10/06/1"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0003/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-3577",
"datePublished": "2014-08-21T00:00:00.000Z",
"dateReserved": "2014-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:50:17.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2014-3577",
"date": "2026-07-12",
"epss": "0.09149",
"percentile": "0.94722"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2014-3577\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2014-08-21T14:55:05.100\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a \\\"CN=\\\" string in a field in the distinguished name (DN) of a certificate, as demonstrated by the \\\"foo,CN=www.apache.org\\\" string in the O field.\"},{\"lang\":\"es\",\"value\":\"org.apache.http.conn.ssl.AbstractVerifier en Apache HttpComponents HttpClient anterior a 4.3.5 y HttpAsyncClient anterior a 4.0.2 no verifica debidamente que el nombre del servidor coincide con un nombre de dominio en el campo del asunto Common Name (CN) o subjectAltName del certificado X.509, lo que permite a atacantes man-in-the-middle falsificar servidores SSL a trav\u00e9s de una cadena \u0027CN=\u0027 en un campo en el Distinguished Name (DN) de un certificado, tal y como fue demostrado por la cadena \u0027foo,CN=www.apache.org\u0027 en el campo O.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:httpclient:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0\",\"versionEndIncluding\":\"4.3.4\",\"matchCriteriaId\":\"B255B644-287F-4245-93EC-35C72729454F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:httpasyncclient:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0\",\"versionEndIncluding\":\"4.0.1\",\"matchCriteriaId\":\"A889F3E1-B405-4F5C-84A9-DFBA68ECEDC7\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://packetstormsecurity.com/files/127913/Apache-HttpComponents-Man-In-The-Middle.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1146.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1166.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1833.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1834.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1835.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1836.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1891.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1892.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0125.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0158.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0675.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0720.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0765.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0850.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0851.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1176.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1177.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1888.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1773.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1931.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2014/Aug/48\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/60466\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/60589\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/60713\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/10/06/1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.osvdb.org/110143\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/69258\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1030812\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2769-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/solutions/1165533\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/95327\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05363782\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20231027-0003/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://packetstormsecurity.com/files/127913/Apache-HttpComponents-Man-In-The-Middle.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1146.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1166.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1833.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1834.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1835.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1836.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1891.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1892.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0125.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0158.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0675.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0720.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0765.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0850.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0851.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1176.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1177.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1888.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1773.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1931.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2014/Aug/48\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/60466\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/60589\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/60713\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/10/06/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/110143\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/69258\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1030812\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2769-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/solutions/1165533\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/95327\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05363782\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20231027-0003/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"\u003ca href=\\\"http://cwe.mitre.org/data/definitions/297.html\\\" rel=\\\"nofollow\\\"\u003eCWE-297: Improper Validation of Certificate with Host Mismatch\u003c/a\u003e\"}}",
"redhat_vex": {
"aggregate_severity": "Important",
"current_release_date": "2026-06-28T07:15:47+00:00",
"cve": "CVE-2014-3577",
"id": "CVE-2014-3577",
"initial_release_date": "2014-08-18T00:00:00+00:00",
"product_status:fixed": "335",
"product_status:known_affected": "34",
"product_status:known_not_affected": "570",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "CXF: SSL hostname verification bypass, incomplete CVE-2012-6153 fix",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2014/cve-2014-3577.json",
"version": "3"
}
}
}
WID-SEC-W-2023-0432
Vulnerability from csaf_certbund - Published: 2021-10-06 22:00 - Updated: 2023-02-20 23:00In Jenkins existieren mehrere Schwachstellen. Die Schwachstellen bestehen im Jenkins Core sowie in verschiedenen Plugins. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder einen Cross-Site-Scripting-Angriff durchzuführen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Jenkins Jenkins plugins
Jenkins / Jenkins
|
cpe:/a:cloudbees:jenkins:plugins
|
— | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat
|
cpe:/a:redhat:openshift:container_platform_4.12
|
— |
In Jenkins existieren mehrere Schwachstellen. Die Schwachstellen bestehen im Jenkins Core sowie in verschiedenen Plugins. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder einen Cross-Site-Scripting-Angriff durchzuführen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Jenkins Jenkins plugins
Jenkins / Jenkins
|
cpe:/a:cloudbees:jenkins:plugins
|
— | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat
|
cpe:/a:redhat:openshift:container_platform_4.12
|
— |
In Jenkins existieren mehrere Schwachstellen. Die Schwachstellen bestehen im Jenkins Core sowie in verschiedenen Plugins. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder einen Cross-Site-Scripting-Angriff durchzuführen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Jenkins Jenkins plugins
Jenkins / Jenkins
|
cpe:/a:cloudbees:jenkins:plugins
|
— | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat
|
cpe:/a:redhat:openshift:container_platform_4.12
|
— |
In Jenkins existieren mehrere Schwachstellen. Die Schwachstellen bestehen im Jenkins Core sowie in verschiedenen Plugins. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder einen Cross-Site-Scripting-Angriff durchzuführen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Jenkins Jenkins plugins
Jenkins / Jenkins
|
cpe:/a:cloudbees:jenkins:plugins
|
— | |
|
Red Hat OpenShift Container Platform 4.12
Red Hat
|
cpe:/a:redhat:openshift:container_platform_4.12
|
— |
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Jenkins ist ein erweiterbarer, webbasierter Integration Server zur kontinuierlichen Unterst\u00fctzung bei Softwareentwicklungen aller Art.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Jenkins ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Dateien zu manipulieren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0432 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2023-0432.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0432 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0432"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0769 vom 2023-02-21",
"url": "https://access.redhat.com/errata/RHSA-2023:0769"
},
{
"category": "external",
"summary": "Jenkins Security Advisory vom 2021-10-06",
"url": "https://www.jenkins.io/security/advisory/2021-10-06/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0055 vom 2022-03-10",
"url": "https://access.redhat.com/errata/RHSA-2022:0055"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0056 vom 2022-03-10",
"url": "https://access.redhat.com/errata/RHSA-2022:0056"
}
],
"source_lang": "en-US",
"title": "Jenkins: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-02-20T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:44:22.216+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-0432",
"initial_release_date": "2021-10-06T22:00:00.000+00:00",
"revision_history": [
{
"date": "2021-10-06T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2021-10-07T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: 2011949"
},
{
"date": "2022-03-10T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-02-20T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Jenkins Jenkins plugins",
"product": {
"name": "Jenkins Jenkins plugins",
"product_id": "T013614",
"product_identification_helper": {
"cpe": "cpe:/a:cloudbees:jenkins:plugins"
}
}
},
{
"category": "product_name",
"name": "Jenkins Jenkins \u003c 2.315",
"product": {
"name": "Jenkins Jenkins \u003c 2.315",
"product_id": "T020571",
"product_identification_helper": {
"cpe": "cpe:/a:cloudbees:jenkins:2.315"
}
}
},
{
"category": "product_name",
"name": "Jenkins Jenkins \u003c LTS 2.303.2",
"product": {
"name": "Jenkins Jenkins \u003c LTS 2.303.2",
"product_id": "T020572",
"product_identification_helper": {
"cpe": "cpe:/a:cloudbees:jenkins:lts_2.303.2"
}
}
}
],
"category": "product_name",
"name": "Jenkins"
}
],
"category": "vendor",
"name": "Jenkins"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.12",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12",
"product_id": "T026435",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4.12"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-3577",
"notes": [
{
"category": "description",
"text": "In Jenkins existieren mehrere Schwachstellen. Die Schwachstellen bestehen im Jenkins Core sowie in verschiedenen Plugins. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"67646",
"T013614",
"T026435"
]
},
"release_date": "2021-10-06T22:00:00.000+00:00",
"title": "CVE-2014-3577"
},
{
"cve": "CVE-2021-21682",
"notes": [
{
"category": "description",
"text": "In Jenkins existieren mehrere Schwachstellen. Die Schwachstellen bestehen im Jenkins Core sowie in verschiedenen Plugins. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"67646",
"T013614",
"T026435"
]
},
"release_date": "2021-10-06T22:00:00.000+00:00",
"title": "CVE-2021-21682"
},
{
"cve": "CVE-2021-21683",
"notes": [
{
"category": "description",
"text": "In Jenkins existieren mehrere Schwachstellen. Die Schwachstellen bestehen im Jenkins Core sowie in verschiedenen Plugins. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"67646",
"T013614",
"T026435"
]
},
"release_date": "2021-10-06T22:00:00.000+00:00",
"title": "CVE-2021-21683"
},
{
"cve": "CVE-2021-21684",
"notes": [
{
"category": "description",
"text": "In Jenkins existieren mehrere Schwachstellen. Die Schwachstellen bestehen im Jenkins Core sowie in verschiedenen Plugins. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"67646",
"T013614",
"T026435"
]
},
"release_date": "2021-10-06T22:00:00.000+00:00",
"title": "CVE-2021-21684"
}
]
}
WID-SEC-W-2025-1459
Vulnerability from csaf_certbund - Published: 2025-07-03 22:00 - Updated: 2025-07-03 22:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Data Protection Advisor ist eine Monitoring L\u00f6sung. Der Collector ist der lokale Agent.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Dell Data Protection Advisor ausnutzen, um beliebigen Programmcode auszuf\u00fchren, um einen Denial of Service Angriff durchzuf\u00fchren, und um weitere nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1459 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1459.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1459 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1459"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-276 vom 2025-07-03",
"url": "https://www.dell.com/support/kbdoc/000340538"
}
],
"source_lang": "en-US",
"title": "Dell Data Protection Advisor: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-07-03T22:00:00.000+00:00",
"generator": {
"date": "2025-07-04T08:09:43.042+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1459",
"initial_release_date": "2025-07-03T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-07-03T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c19.12 SP 1",
"product": {
"name": "Dell Data Protection Advisor \u003c19.12 SP 1",
"product_id": "T045044"
}
},
{
"category": "product_version",
"name": "19.12 SP 1",
"product": {
"name": "Dell Data Protection Advisor 19.12 SP 1",
"product_id": "T045044-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:data_protection_advisor:19.12_sp_1"
}
}
}
],
"category": "product_name",
"name": "Data Protection Advisor"
}
],
"category": "vendor",
"name": "Dell"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-0340",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2013-0340"
},
{
"cve": "CVE-2013-1624",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2013-1624"
},
{
"cve": "CVE-2014-3577",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2014-3577"
},
{
"cve": "CVE-2015-3193",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2015-3193"
},
{
"cve": "CVE-2015-3194",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2015-3194"
},
{
"cve": "CVE-2015-5262",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2015-5262"
},
{
"cve": "CVE-2016-0705",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2016-0705"
},
{
"cve": "CVE-2016-0797",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2016-0797"
},
{
"cve": "CVE-2016-0798",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2016-0798"
},
{
"cve": "CVE-2016-0799",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2016-0799"
},
{
"cve": "CVE-2016-2842",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2016-2842"
},
{
"cve": "CVE-2016-6306",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2016-6306"
},
{
"cve": "CVE-2017-3731",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2017-3731"
},
{
"cve": "CVE-2017-3732",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2017-3732"
},
{
"cve": "CVE-2018-5968",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2018-5968"
},
{
"cve": "CVE-2018-7489",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2018-7489"
},
{
"cve": "CVE-2019-16869",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2019-16869"
},
{
"cve": "CVE-2019-20444",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2019-20444"
},
{
"cve": "CVE-2019-20445",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2019-20445"
},
{
"cve": "CVE-2020-10683",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2020-10683"
},
{
"cve": "CVE-2020-11023",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2020-11023"
},
{
"cve": "CVE-2020-11612",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2020-11612"
},
{
"cve": "CVE-2020-25649",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2020-25649"
},
{
"cve": "CVE-2020-36518",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2020-36518"
},
{
"cve": "CVE-2021-21290",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-21290"
},
{
"cve": "CVE-2021-21295",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-21295"
},
{
"cve": "CVE-2021-21409",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-21409"
},
{
"cve": "CVE-2021-22696",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-22696"
},
{
"cve": "CVE-2021-30468",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-30468"
},
{
"cve": "CVE-2021-3597",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-3597"
},
{
"cve": "CVE-2021-3629",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-3629"
},
{
"cve": "CVE-2021-3690",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-3690"
},
{
"cve": "CVE-2021-3711",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-3711"
},
{
"cve": "CVE-2021-37136",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-37136"
},
{
"cve": "CVE-2021-37137",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-37137"
},
{
"cve": "CVE-2021-3859",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-3859"
},
{
"cve": "CVE-2021-40690",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-40690"
},
{
"cve": "CVE-2021-43797",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-43797"
},
{
"cve": "CVE-2021-46877",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-46877"
},
{
"cve": "CVE-2022-1259",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-1259"
},
{
"cve": "CVE-2022-1319",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-1319"
},
{
"cve": "CVE-2022-2053",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-2053"
},
{
"cve": "CVE-2022-24823",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-24823"
},
{
"cve": "CVE-2022-2764",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-2764"
},
{
"cve": "CVE-2022-40152",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-40152"
},
{
"cve": "CVE-2022-41881",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-41881"
},
{
"cve": "CVE-2022-42003",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-42003"
},
{
"cve": "CVE-2022-42004",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-42004"
},
{
"cve": "CVE-2022-46363",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-46363"
},
{
"cve": "CVE-2022-46364",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-46364"
},
{
"cve": "CVE-2022-46908",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-46908"
},
{
"cve": "CVE-2023-0482",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2023-0482"
},
{
"cve": "CVE-2023-1108",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2023-1108"
},
{
"cve": "CVE-2023-3223",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2023-3223"
},
{
"cve": "CVE-2023-34462",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2023-34462"
},
{
"cve": "CVE-2023-44483",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2023-44483"
},
{
"cve": "CVE-2024-1459",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2024-1459"
}
]
}
WID-SEC-W-2026-0351
Vulnerability from csaf_certbund - Published: 2026-02-09 23:00 - Updated: 2026-02-09 23:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Dell NetWorker stellt zentralisiert Backup- und Recovery-Dienste bereit.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Dell NetWorker ausnutzen, um Angriffe zu starten, die die Integrit\u00e4t, Vertraulichkeit und Verf\u00fcgbarkeit von Systemen beeintr\u00e4chtigen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0351 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0351.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0351 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0351"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2026-023 vom 2026-02-09",
"url": "https://www.dell.com/support/kbdoc/de-de/000425429/dsa-2026-023-security-update-for-dell-networker-multiple-third-party-component-vulnerabilities"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2026-024 vom 2026-02-09",
"url": "https://www.dell.com/support/kbdoc/de-de/000425759/dsa-2026-024-security-update-for-dell-networker-multiple-third-party-component-vulnerabilities"
}
],
"source_lang": "en-US",
"title": "Dell NetWorker (Third Party Components): Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-02-09T23:00:00.000+00:00",
"generator": {
"date": "2026-02-10T10:02:33.638+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0351",
"initial_release_date": "2026-02-09T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-02-09T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "AUTHC \u003c19.14",
"product": {
"name": "Dell NetWorker AUTHC \u003c19.14",
"product_id": "T050629"
}
},
{
"category": "product_version",
"name": "AUTHC 19.14",
"product": {
"name": "Dell NetWorker AUTHC 19.14",
"product_id": "T050629-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:authc__19.14"
}
}
},
{
"category": "product_version_range",
"name": "Management Console \u003c19.14",
"product": {
"name": "Dell NetWorker Management Console \u003c19.14",
"product_id": "T050630"
}
},
{
"category": "product_version",
"name": "Management Console 19.14",
"product": {
"name": "Dell NetWorker Management Console 19.14",
"product_id": "T050630-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:management_console__19.14"
}
}
},
{
"category": "product_version_range",
"name": "Management Web UI \u003c19.14",
"product": {
"name": "Dell NetWorker Management Web UI \u003c19.14",
"product_id": "T050631"
}
},
{
"category": "product_version",
"name": "Management Web UI 19.14",
"product": {
"name": "Dell NetWorker Management Web UI 19.14",
"product_id": "T050631-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:management_web_ui__19.14"
}
}
},
{
"category": "product_version_range",
"name": "REST API \u003c19.14",
"product": {
"name": "Dell NetWorker REST API \u003c19.14",
"product_id": "T050632"
}
},
{
"category": "product_version",
"name": "REST API 19.14",
"product": {
"name": "Dell NetWorker REST API 19.14",
"product_id": "T050632-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:rest_api__19.14"
}
}
},
{
"category": "product_version_range",
"name": "File-Level Recovery \u003c19.14",
"product": {
"name": "Dell NetWorker File-Level Recovery \u003c19.14",
"product_id": "T050633"
}
},
{
"category": "product_version",
"name": "File-Level Recovery 19.14",
"product": {
"name": "Dell NetWorker File-Level Recovery 19.14",
"product_id": "T050633-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:file-level_recovery__19.14"
}
}
},
{
"category": "product_version_range",
"name": "vCenter User Interface \u003c19.14",
"product": {
"name": "Dell NetWorker vCenter User Interface \u003c19.14",
"product_id": "T050634"
}
},
{
"category": "product_version",
"name": "vCenter User Interface 19.14",
"product": {
"name": "Dell NetWorker vCenter User Interface 19.14",
"product_id": "T050634-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:vcenter_user_interface__19.14"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-5783",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2012-5783"
},
{
"cve": "CVE-2014-3577",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2014-3577"
},
{
"cve": "CVE-2015-5262",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2015-5262"
},
{
"cve": "CVE-2020-13956",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2020-13956"
},
{
"cve": "CVE-2023-35116",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2023-35116"
},
{
"cve": "CVE-2024-29736",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2024-29736"
},
{
"cve": "CVE-2024-32007",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2024-32007"
},
{
"cve": "CVE-2024-41172",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2024-41172"
},
{
"cve": "CVE-2025-11226",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-11226"
},
{
"cve": "CVE-2025-22228",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-22228"
},
{
"cve": "CVE-2025-22233",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-22233"
},
{
"cve": "CVE-2025-22235",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-22235"
},
{
"cve": "CVE-2025-23184",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-23184"
},
{
"cve": "CVE-2025-27820",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-27820"
},
{
"cve": "CVE-2025-31650",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-31650"
},
{
"cve": "CVE-2025-31651",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-31651"
},
{
"cve": "CVE-2025-41234",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-41234"
},
{
"cve": "CVE-2025-41242",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-41242"
},
{
"cve": "CVE-2025-41248",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-41248"
},
{
"cve": "CVE-2025-41254",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-41254"
},
{
"cve": "CVE-2025-46392",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-46392"
},
{
"cve": "CVE-2025-48913",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-48913"
},
{
"cve": "CVE-2025-48924",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-48924"
},
{
"cve": "CVE-2025-48989",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-48989"
},
{
"cve": "CVE-2025-53864",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-53864"
},
{
"cve": "CVE-2025-7962",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-7962"
},
{
"cve": "CVE-2025-8713",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-8713"
},
{
"cve": "CVE-2025-8714",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-8714"
},
{
"cve": "CVE-2025-8715",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-8715"
},
{
"cve": "CVE-2025-8885",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-8885"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.