Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-6306 (GCVE-0-2016-6306)
Vulnerability from cvelistv5 – Published: 2016-09-26 00:00 – Updated: 2024-08-06 01:29
VLAI
EPSS
Summary
The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
56 references
Date Public
2016-09-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:29:18.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"name": "RHSA-2018:2185",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
},
{
"name": "RHSA-2018:2186",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
},
{
"name": "93153",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93153"
},
{
"name": "RHSA-2016:1940",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1940.html"
},
{
"name": "GLSA-201612-16",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-16"
},
{
"tags": [
"x_transferred"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03856en_us"
},
{
"name": "1036885",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036885"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2016-21"
},
{
"tags": [
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"name": "FreeBSD-SA-16:26",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc"
},
{
"name": "SUSE-SU-2016:2470",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
},
{
"name": "RHSA-2018:2187",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448"
},
{
"tags": [
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759"
},
{
"tags": [
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10215"
},
{
"name": "SUSE-SU-2017:2700",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html"
},
{
"name": "USN-3087-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3087-1"
},
{
"name": "SUSE-SU-2016:2469",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html"
},
{
"name": "openSUSE-SU-2016:2537",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html"
},
{
"name": "USN-3087-2",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3087-2"
},
{
"name": "SUSE-SU-2017:2699",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html"
},
{
"name": "openSUSE-SU-2016:2407",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html"
},
{
"name": "20170717 Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2017/Jul/31"
},
{
"name": "SUSE-SU-2016:2458",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en\u0026docId=emr_na-hpesbhf03856en_us"
},
{
"name": "DSA-3673",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3673"
},
{
"name": "openSUSE-SU-2016:2391",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html"
},
{
"name": "openSUSE-SU-2018:0458",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html"
},
{
"name": "SUSE-SU-2016:2387",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05302448"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K90492697"
},
{
"name": "SUSE-SU-2016:2468",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html"
},
{
"name": "openSUSE-SU-2016:2496",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html"
},
{
"name": "SUSE-SU-2016:2394",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"tags": [
"x_transferred"
],
"url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20160922.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=52e623c4cb06fffa9d5e75c60b34b4bc130b12e9"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-13T00:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"name": "RHSA-2018:2185",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
},
{
"name": "RHSA-2018:2186",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
},
{
"name": "93153",
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/93153"
},
{
"name": "RHSA-2016:1940",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1940.html"
},
{
"name": "GLSA-201612-16",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/201612-16"
},
{
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312"
},
{
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03856en_us"
},
{
"name": "1036885",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1036885"
},
{
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"url": "https://www.tenable.com/security/tns-2016-21"
},
{
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"name": "FreeBSD-SA-16:26",
"tags": [
"vendor-advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc"
},
{
"name": "SUSE-SU-2016:2470",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
},
{
"name": "RHSA-2018:2187",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448"
},
{
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759"
},
{
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10215"
},
{
"name": "SUSE-SU-2017:2700",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html"
},
{
"name": "USN-3087-1",
"tags": [
"vendor-advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3087-1"
},
{
"name": "SUSE-SU-2016:2469",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html"
},
{
"name": "openSUSE-SU-2016:2537",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html"
},
{
"name": "USN-3087-2",
"tags": [
"vendor-advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3087-2"
},
{
"name": "SUSE-SU-2017:2699",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html"
},
{
"name": "openSUSE-SU-2016:2407",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html"
},
{
"name": "20170717 Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2017/Jul/31"
},
{
"name": "SUSE-SU-2016:2458",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html"
},
{
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en\u0026docId=emr_na-hpesbhf03856en_us"
},
{
"name": "DSA-3673",
"tags": [
"vendor-advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3673"
},
{
"name": "openSUSE-SU-2016:2391",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html"
},
{
"name": "openSUSE-SU-2018:0458",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html"
},
{
"name": "SUSE-SU-2016:2387",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html"
},
{
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05302448"
},
{
"url": "https://support.f5.com/csp/article/K90492697"
},
{
"name": "SUSE-SU-2016:2468",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html"
},
{
"name": "openSUSE-SU-2016:2496",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html"
},
{
"name": "SUSE-SU-2016:2394",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html"
},
{
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"url": "https://www.openssl.org/news/secadv/20160922.txt"
},
{
"url": "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=52e623c4cb06fffa9d5e75c60b34b4bc130b12e9"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-6306",
"datePublished": "2016-09-26T00:00:00.000Z",
"dateReserved": "2016-07-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:29:18.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2016-6306",
"date": "2026-05-29",
"epss": "0.0887",
"percentile": "0.92678"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-6306\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2016-09-26T19:59:02.910\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.\"},{\"lang\":\"es\",\"value\":\"El analizador certificado en OpenSSL en versiones anteriores a 1.0.1u y 1.0.2 en versiones anteriores a 1.0.2i podr\u00eda permitir a atacantes remotos provocar una denegaci\u00f3n de servicio (lectura fuera de rango) a trav\u00e9s de operaciones certificadas manipuladas, relacionado con s3_clnt.c y s3_srvr.c.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D1C00C0-C77E-4255-9ECA-20F2673C7366\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"21F16D65-8A46-4AC7-8970-73AB700035FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"92F393FF-7E6F-4671-BFBF-060162E12659\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1B85A09-CF8D-409D-966E-168F9959F6F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A66E6CF-39CF-412E-8EF0-8E10BA21B4A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C684FB18-FDDC-4BED-A28C-C23EE6CD0094\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A74A79A7-4FAF-4C81-8622-050008B96AE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEDACCB9-8D61-49EE-9957-9E58BC7BB031\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4993DD56-F9E3-4AC8-AC3E-BF204B950DEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E884B241-F9C3-44F8-A420-DE65F5F3D660\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A383620-B4F7-44A7-85DA-A4FF2E115D80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F0C6812-F455-49CF-B29B-9AC00306DA43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F2D462C-A1B4-4572-A615-BDE9DC5F1E55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3703E445-17C0-4C85-A496-A35641C0C8DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F4034B9-EF1C-40E6-B92A-D4D7B7E7E774\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABEC1927-F469-4B9E-B544-DA6CF90F0B34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE2188F9-FAF8-4A0C-BB49-E95BDBC119BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9EC827B-5313-47D7-BF49-CFF033CF3D53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A438E65F-33B1-46BC-AD93-200DCC6B43D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BFDCF78-62C1-429E-A43C-0C9FEC14837D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A0B4DEF-C6E8-4243-9893-6E650013600C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E28CD4F7-522F-4ECA-9035-228596CDE769\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A491B32F-31F0-4151-AE9B-313CBF2C060D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AF4953B-BB23-4C80-8C48-9E94EB234AAE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3261B40-5CBE-4AA6-990A-0A7BE96E5518\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:icewall_mcrp:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6AFB9DD-DA50-4F9D-B19D-160CA487D002\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:certd:*:*:*\",\"matchCriteriaId\":\"87037877-8506-4737-9F47-2CB687975B1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:dfw:*:*:*\",\"matchCriteriaId\":\"FD94C478-6F81-4F37-B7F3-61D8682EC593\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:icewall_sso_agent_option:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"531FE660-C1A9-4C83-90BE-E38AA493D4F7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:novell:suse_linux_enterprise_module_for_web_scripting:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F788DAEB-9865-45DE-B18A-FDD43E1EBB9D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD3E5C1B-EC63-4214-A0BD-0B8681CE6C8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"18797BEE-417D-4959-9AAD-C5A7C051B524\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FAA3C31-BD9D-45A9-A502-837FECA6D479\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"6455A421-9956-4846-AC7C-3431E0D37D23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60F946FD-F564-49DA-B043-5943308BA9EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4847BCF3-EFCE-41AF-8E7D-3D51EB9DCC5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B89180B-FB68-4DD8-B076-16E51CC7FB91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C986592-4086-4A39-9767-EF34DBAA6A53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B23181C-03DB-4E92-B3F6-6B585B5231B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94D9EC1C-4843-4026-9B05-E060E9391734\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"036FB24F-7D86-4730-8BC9-722875BEC807\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"0.10.0\",\"versionEndExcluding\":\"0.10.47\",\"matchCriteriaId\":\"080F38F5-0A51-43BC-BC66-98545B31A0F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"0.12.0\",\"versionEndExcluding\":\"0.12.16\",\"matchCriteriaId\":\"F90AAE35-9B46-4FEA-AF3A-5F28761EAC4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndIncluding\":\"4.1.2\",\"matchCriteriaId\":\"A47FC4F7-1F77-4314-B4B3-3C5D8E335379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\",\"versionStartIncluding\":\"4.2.0\",\"versionEndExcluding\":\"4.6.0\",\"matchCriteriaId\":\"303F780C-C971-4216-86D6-5026AAD56279\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndIncluding\":\"5.12.0\",\"matchCriteriaId\":\"121E5D5D-B4D9-43F3-B5C9-74590192FAF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.7.0\",\"matchCriteriaId\":\"8291D42E-9E50-414D-9752-D70906D512B2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"CB66DB75-2B16-4EBF-9B93-CE49D8086E41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6\"}]}]}],\"references\":[{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1940.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2017/Jul/31\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21995039\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2016/dsa-3673\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/93153\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1036885\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-3087-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-3087-2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2185\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2186\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2187\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bto.bluecoat.com/security-advisory/sa132\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=52e623c4cb06fffa9d5e75c60b34b4bc130b12e9\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05302448\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10215\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201612-16\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K90492697\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en\u0026docId=emr_na-hpesbhf03856en_us\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03856en_us\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openssl.org/news/secadv/20160922.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2016-16\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2016-20\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2016-21\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1940.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2017/Jul/31\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21995039\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2016/dsa-3673\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/93153\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1036885\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-3087-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-3087-2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2185\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2186\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2187\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bto.bluecoat.com/security-advisory/sa132\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=52e623c4cb06fffa9d5e75c60b34b4bc130b12e9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05302448\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10215\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201612-16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K90492697\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en\u0026docId=emr_na-hpesbhf03856en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03856en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openssl.org/news/secadv/20160922.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2016-16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2016-20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2016-21\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
VAR-201609-0592
Vulnerability from variot - Updated: 2026-03-09 21:46The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c. Supplementary information : CWE Vulnerability type by CWE-125: Out-of-bounds Read ( Read out of bounds ) Has been identified. http://cwe.mitre.org/data/definitions/125.htmlService disruption through the manipulation of crafted certificates by third parties ( Read out of bounds ) There is a possibility of being put into a state. OpenSSL is prone to a local denial-of-service vulnerability. A local attacker can exploit this issue to cause a denial-of-service condition. OpenSSL Security Advisory [22 Sep 2016] ========================================
OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
Severity: High
A malicious client can send an excessively large OCSP Status Request extension. If that client continually requests renegotiation, sending a large OCSP Status Request extension each time, then there will be unbounded memory growth on the server. This will eventually lead to a Denial Of Service attack through memory exhaustion. Servers with a default configuration are vulnerable even if they do not support OCSP. Builds using the "no-ocsp" build time option are not affected.
Servers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default configuration, instead only if an application explicitly enables OCSP stapling support.
OpenSSL 1.1.0 users should upgrade to 1.1.0a OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
SSL_peek() hang on empty record (CVE-2016-6305)
Severity: Moderate
OpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an empty record. This could be exploited by a malicious peer in a Denial Of Service attack.
OpenSSL 1.1.0 users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The fix was developed by Matt Caswell of the OpenSSL development team.
SWEET32 Mitigation (CVE-2016-2183)
Severity: Low
SWEET32 (https://sweet32.info) is an attack on older block cipher algorithms that use a block size of 64 bits. In mitigation for the SWEET32 attack DES based ciphersuites have been moved from the HIGH cipherstring group to MEDIUM in OpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these ciphersuites disabled by default.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 16th August 2016 by Karthikeyan Bhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the OpenSSL development team.
OOB write in MDC2_Update() (CVE-2016-6303)
Severity: Low
An overflow can occur in MDC2_Update() either if called directly or through the EVP_DigestUpdate() function using MDC2. If an attacker is able to supply very large amounts of input data after a previous call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption.
The amount of data needed is comparable to SIZE_MAX which is impractical on most platforms.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Malformed SHA512 ticket DoS (CVE-2016-6302)
Severity: Low
If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a DoS attack where a malformed ticket will result in an OOB read which will ultimately crash.
The use of SHA512 in TLS session tickets is comparatively rare as it requires a custom server callback and ticket lookup mechanism.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
OOB write in BN_bn2dec() (CVE-2016-2182)
Severity: Low
The function BN_bn2dec() does not check the return value of BN_div_word(). This can cause an OOB write if an application uses this function with an overly large BIGNUM. This could be a problem if an overly large certificate or CRL is printed out from an untrusted source. TLS is not affected because record limits will reject an oversized certificate before it is parsed.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
Severity: Low
The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is the total length the OID text representation would use and not the amount of data written. This will result in OOB reads when large OIDs are presented.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Pointer arithmetic undefined behaviour (CVE-2016-2177)
Severity: Low
Avoid some undefined pointer arithmetic
A common idiom in the codebase is to check limits in the following manner: "p + len > limit"
Where "p" points to some malloc'd data of SIZE bytes and limit == p + SIZE
"len" here could be from some externally supplied data (e.g. from a TLS message).
The rules of C pointer arithmetic are such that "p + len" is only well defined where len <= SIZE. Therefore the above idiom is actually undefined behaviour.
For example this could cause problems if some malloc implementation provides an address for "p" such that "p + len" actually overflows for values of len that are too big and therefore p + len < limit.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
Constant time flag not preserved in DSA signing (CVE-2016-2178)
Severity: Low
Operations in the DSA signing algorithm should run in constant time in order to avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that a non-constant time codepath is followed for certain operations. This has been demonstrated through a cache-timing attack to be sufficient for an attacker to recover the private DSA key.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 23rd May 2016 by César Pereida (Aalto University), Billy Brumley (Tampere University of Technology), and Yuval Yarom (The University of Adelaide and NICTA). The fix was developed by César Pereida.
DTLS buffered message DoS (CVE-2016-2179)
Severity: Low
In a DTLS connection where handshake messages are delivered out-of-order those messages that OpenSSL is not yet ready to process will be buffered for later use. Under certain circumstances, a flaw in the logic means that those messages do not get removed from the buffer even though the handshake has been completed. An attacker could force up to approx. 15 messages to remain in the buffer when they are no longer required. These messages will be cleared when the DTLS connection is closed. The default maximum size for a message is 100k. Therefore the attacker could force an additional 1500k to be consumed per connection. By opening many simulataneous connections an attacker could cause a DoS attack through memory exhaustion.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was developed by Matt Caswell of the OpenSSL development team.
DTLS replay protection DoS (CVE-2016-2181)
Severity: Low
A flaw in the DTLS replay attack protection mechanism means that records that arrive for future epochs update the replay protection "window" before the MAC for the record has been validated. This could be exploited by an attacker by sending a record for the next epoch (which does not have to decrypt or have a valid MAC), with a very large sequence number. This means that all subsequent legitimate packets are dropped causing a denial of service for a specific DTLS connection.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. The fix was developed by Matt Caswell of the OpenSSL development team.
Certificate message OOB reads (CVE-2016-6306)
Severity: Low
In OpenSSL 1.0.2 and earlier some missing message length checks can result in OOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical DoS risk but this has not been observed in practice on common platforms.
The messages affected are client certificate, client certificate request and server certificate. As a result the attack can only be performed against a client or a server which enables client authentication.
OpenSSL 1.1.0 is not affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307)
Severity: Low
A TLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.
This issue does not affect DTLS users.
OpenSSL 1.1.0 TLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)
Severity: Low
This issue is very similar to CVE-2016-6307. The underlying defect is different but the security analysis and impacts are the same except that it impacts DTLS.
A DTLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.
This issue does not affect TLS users.
OpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.
Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20160922.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2016:1940-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html Issue date: 2016-09-27 CVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 =====================================================================
- Summary:
An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-2178)
-
It was discovered that the Datagram TLS (DTLS) implementation could fail to release memory in certain cases. A malicious DTLS client could cause a DTLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw to make a DTLS server using OpenSSL to reject further packets sent from a DTLS client over an established DTLS connection. (CVE-2016-2181)
-
An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. (CVE-2016-2182)
-
A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)
This update mitigates the CVE-2016-2183 issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.
-
An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. (CVE-2016-6302)
-
Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)
-
An out of bounds read flaw was found in the way OpenSSL formatted Public Key Infrastructure Time-Stamp Protocol data for printing. An attacker could possibly cause an application using OpenSSL to crash if it printed time stamp data from the attacker. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL. (CVE-2016-6306)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Bugs fixed (https://bugzilla.redhat.com/):
1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase 1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation 1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio() 1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec() 1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection 1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) 1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer 1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks 1377594 - CVE-2016-6306 openssl: certificate message OOB reads 1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
ppc64: openssl-1.0.1e-48.el6_8.3.ppc.rpm openssl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm
s390x: openssl-1.0.1e-48.el6_8.3.s390.rpm openssl-1.0.1e-48.el6_8.3.s390x.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-devel-1.0.1e-48.el6_8.3.s390.rpm openssl-devel-1.0.1e-48.el6_8.3.s390x.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-static-1.0.1e-48.el6_8.3.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-perl-1.0.1e-48.el6_8.3.s390x.rpm openssl-static-1.0.1e-48.el6_8.3.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
ppc64: openssl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le: openssl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x: openssl-1.0.1e-51.el7_2.7.s390x.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-devel-1.0.1e-51.el7_2.7.s390.rpm openssl-devel-1.0.1e-51.el7_2.7.s390x.rpm openssl-libs-1.0.1e-51.el7_2.7.s390.rpm openssl-libs-1.0.1e-51.el7_2.7.s390x.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-static-1.0.1e-51.el7_2.7.ppc.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x: openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-perl-1.0.1e-51.el7_2.7.s390x.rpm openssl-static-1.0.1e-51.el7_2.7.s390.rpm openssl-static-1.0.1e-51.el7_2.7.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-2177 https://access.redhat.com/security/cve/CVE-2016-2178 https://access.redhat.com/security/cve/CVE-2016-2179 https://access.redhat.com/security/cve/CVE-2016-2180 https://access.redhat.com/security/cve/CVE-2016-2181 https://access.redhat.com/security/cve/CVE-2016-2182 https://access.redhat.com/security/cve/CVE-2016-6302 https://access.redhat.com/security/cve/CVE-2016-6304 https://access.redhat.com/security/cve/CVE-2016-6306 https://access.redhat.com/security/updates/classification/#important https://www.openssl.org/news/secadv/20160922.txt
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI xpTW7ApBLmKhVjs49DGYouI= =4VgY -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Description:
This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes, enhancements and component upgrades included in this release. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/):
JBCS-372 - Errata for httpd 2.4.29 GA RHEL 6
Gentoo Linux Security Advisory GLSA 201612-16
https://security.gentoo.org/
Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 07, 2016 Bugs: #581234, #585142, #585276, #591454, #592068, #592074, #592082, #594500, #595186 ID: 201612-16
Synopsis
Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.2j >= 1.0.2j
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers and the International Association for Cryptologic Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really are Constant-Time" for further details.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j"
References
[ 1 ] CVE-2016-2105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105 [ 2 ] CVE-2016-2106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106 [ 3 ] CVE-2016-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107 [ 4 ] CVE-2016-2108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108 [ 5 ] CVE-2016-2109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109 [ 6 ] CVE-2016-2176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176 [ 7 ] CVE-2016-2177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177 [ 8 ] CVE-2016-2178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178 [ 9 ] CVE-2016-2180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180 [ 10 ] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183 [ 11 ] CVE-2016-6304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304 [ 12 ] CVE-2016-6305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305 [ 13 ] CVE-2016-6306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306 [ 14 ] CVE-2016-7052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052 [ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time http://eprint.iacr.org/2016/594.pdf
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201612-16
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ========================================================================== Ubuntu Security Notice USN-3087-2 September 23, 2016
openssl regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
USN-3087-1 introduced a regression in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem.
We apologize for the inconvenience. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178) Quan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. (CVE-2016-2181) Shi Lei discovered that OpenSSL incorrectly validated division results. (CVE-2016-2182) Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. (CVE-2016-2183) Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303) Shi Lei discovered that OpenSSL incorrectly performed certain message length checks. (CVE-2016-6306)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.5
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.21
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.38
After a standard system update you need to reboot your computer to make all the necessary changes
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "icewall sso",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1p"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"_id": null,
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "6.0.0"
},
{
"_id": null,
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.10.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"_id": null,
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "5.0.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1s"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1q"
},
{
"_id": null,
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.10.47"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1t"
},
{
"_id": null,
"model": "icewall federation agent",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "3.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"_id": null,
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.0.0"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"_id": null,
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.12.16"
},
{
"_id": null,
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.12.0"
},
{
"_id": null,
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.2.0"
},
{
"_id": null,
"model": "suse linux enterprise module for web scripting",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "12.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"_id": null,
"model": "icewall mcrp",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "3.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2h"
},
{
"_id": null,
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.1.2"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"_id": null,
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.6.0"
},
{
"_id": null,
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "6.7.0"
},
{
"_id": null,
"model": "icewall sso agent option",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1o"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"_id": null,
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "5.12.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1r"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "(64)"
},
{
"_id": null,
"model": "web server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "express"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.4"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional for plug-in"
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- messaging"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "(64)"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "01"
},
{
"_id": null,
"model": "enterpriseidentitymanager",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "icewall sso",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "certd"
},
{
"_id": null,
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard v8.2 to v9.4"
},
{
"_id": null,
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "icewall sso",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "agent option"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "sg3600 all series"
},
{
"_id": null,
"model": "application server for developers",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2i"
},
{
"_id": null,
"model": "linux enterprise module for web scripting",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"_id": null,
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.4"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard-r"
},
{
"_id": null,
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.0 to v8.1"
},
{
"_id": null,
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base(64)"
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "icewall federation agent",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "ix1000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "cosminexus http server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0"
},
{
"_id": null,
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.1"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "-r"
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "esmpro/serveragentservice",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all versions (linux edition )"
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "icewall mcrp",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "icewall sso",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "dfw"
},
{
"_id": null,
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"_id": null,
"model": "node.js",
"scope": null,
"trust": 0.8,
"vendor": "node js",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "ucosminexus application server smart edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "application server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "paging server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "node.js",
"scope": "eq",
"trust": 0.6,
"vendor": "nodejs",
"version": "6.6.0"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"_id": null,
"model": "webex centers t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"_id": null,
"model": "big-ip afm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "big-ip apm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "sterling connect:express for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13150-13"
},
{
"_id": null,
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip gtm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.2"
},
{
"_id": null,
"model": "nexus series blade switches 4.1 e1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"_id": null,
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.0"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"_id": null,
"model": "big-ip analytics hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"_id": null,
"model": "big-ip analytics build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.110.104.180"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"_id": null,
"model": "ucs central software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip aam build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.40.1.256"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13"
},
{
"_id": null,
"model": "stealthwatch management console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment 5.1.fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.2"
},
{
"_id": null,
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.5"
},
{
"_id": null,
"model": "project openssl 1.0.2g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip ltm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.110.104.180"
},
{
"_id": null,
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip afm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "industrial router 1.2.1rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "910"
},
{
"_id": null,
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7.0"
},
{
"_id": null,
"model": "big-ip gtm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.1"
},
{
"_id": null,
"model": "big-ip analytics hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "big-ip apm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "big-ip afm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.14"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "big-ip link controller build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"_id": null,
"model": "big-ip apm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "nexus series switches standalone nx-os mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"_id": null,
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3.1"
},
{
"_id": null,
"model": "nexus series switches standalone nx-os mode 7.0 i5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-"
},
{
"_id": null,
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"_id": null,
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip aam hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"_id": null,
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"_id": null,
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip pem hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.26"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"_id": null,
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.4"
},
{
"_id": null,
"model": "big-ip pem hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.0.0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"_id": null,
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"_id": null,
"model": "big-ip afm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip aam hf11",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"_id": null,
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.11"
},
{
"_id": null,
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.9"
},
{
"_id": null,
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip afm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip link controller hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"_id": null,
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"_id": null,
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.4"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.2"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.8"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"_id": null,
"model": "big-ip apm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"_id": null,
"model": "big-ip apm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "ons series multiservice provisioning platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"_id": null,
"model": "telepresence sx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "webex meetings client hosted t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip aam hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "big-ip apm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "big-ip aam hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "big-ip aam hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0.1"
},
{
"_id": null,
"model": "big-ip afm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"_id": null,
"model": "big-ip asm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8200"
},
{
"_id": null,
"model": "big-ip analytics hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"_id": null,
"model": "big-ip aam hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.9"
},
{
"_id": null,
"model": "big-ip psm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "unified communications manager im \u0026 presence service (formerly c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"_id": null,
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.5"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip afm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.20"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip asm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-ip gtm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.1"
},
{
"_id": null,
"model": "big-ip pem hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip aam hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip gtm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"_id": null,
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.2"
},
{
"_id": null,
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.1.3"
},
{
"_id": null,
"model": "big-ip webaccelerator hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "anyconnect secure mobility client for mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0.7"
},
{
"_id": null,
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.11"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"_id": null,
"model": "big-ip afm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "partner support service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"_id": null,
"model": "big-ip afm hf11",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.9"
},
{
"_id": null,
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip pem hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "cloud web security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "prime collaboration assurance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"_id": null,
"model": "jabber for iphone and ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"_id": null,
"model": "email gateway 7.6.2h968406",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"_id": null,
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "common services platform collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "anyconnect secure mobility client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip link controller hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "telepresence mx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "big-ip ltm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "big-ip link controller hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.8"
},
{
"_id": null,
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "project openssl 1.0.1s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "webex meetings client on-premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6(1)"
},
{
"_id": null,
"model": "services provisioning platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ucs b-series blade servers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.3"
},
{
"_id": null,
"model": "nac appliance clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.0"
},
{
"_id": null,
"model": "big-ip link controller hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"_id": null,
"model": "big-ip afm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"_id": null,
"model": "big-ip link controller hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"_id": null,
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "asa next-generation firewall services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.2"
},
{
"_id": null,
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"_id": null,
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.405"
},
{
"_id": null,
"model": "big-ip gtm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "big-ip afm build 685-hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip gtm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "api gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.2.4.0"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.40"
},
{
"_id": null,
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"_id": null,
"model": "big-iq device hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.4"
},
{
"_id": null,
"model": "big-ip apm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.7"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "services provisioning platform sfp1.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.8"
},
{
"_id": null,
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.5"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"_id": null,
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "video surveillance series high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.2"
},
{
"_id": null,
"model": "jabber for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"_id": null,
"model": "big-ip aam hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"_id": null,
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.4"
},
{
"_id": null,
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.9"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.1.0"
},
{
"_id": null,
"model": "big-ip dns build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"_id": null,
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.20"
},
{
"_id": null,
"model": "big-ip afm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.110.104.180"
},
{
"_id": null,
"model": "project openssl 1.0.1r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip pem hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3.8"
},
{
"_id": null,
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "big-ip edge gateway 10.2.3-hf1",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.3"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.10"
},
{
"_id": null,
"model": "big-ip ltm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip link controller hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "stealthwatch identity",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.2"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.1"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.0"
},
{
"_id": null,
"model": "big-ip aam hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2(1)"
},
{
"_id": null,
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "big-ip afm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.0"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip aam hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.1"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "unified workforce optimization quality management solution 11.5 su1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence system ex series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.2"
},
{
"_id": null,
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"_id": null,
"model": "big-ip link controller hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "big-ip asm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"_id": null,
"model": "universal small cell iuh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ucs director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli provisioning manager for images build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"_id": null,
"model": "big-ip afm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "big-ip pem hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.2"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"_id": null,
"model": "jabber client framework components",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"_id": null,
"model": "big-ip analytics hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "big-ip aam build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.66.204.442"
},
{
"_id": null,
"model": "big-ip ltm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence profile series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "webex meetings client on-premises t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "dcm series d9900 digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"_id": null,
"model": "big-ip analytics hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip websafe hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "big-ip afm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.19"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.3"
},
{
"_id": null,
"model": "big-ip link controller hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip gtm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "big-ip gtm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "project openssl 1.0.2i",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.14"
},
{
"_id": null,
"model": "big-ip gtm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.110.104.180"
},
{
"_id": null,
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"_id": null,
"model": "big-ip aam hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.4"
},
{
"_id": null,
"model": "bigfix remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "big-ip gtm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "prime network services controller 1.01u",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "big-ip aam hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.12"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "big-ip analytics hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.9.15.9.8"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip apm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.0.10"
},
{
"_id": null,
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"_id": null,
"model": "big-ip link controller hf11",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"_id": null,
"model": "telepresence system tx1310",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v"
},
{
"_id": null,
"model": "big-ip aam hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "unified communications domain manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"_id": null,
"model": "telepresence server on multiparty media and",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3103204.4"
},
{
"_id": null,
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.08"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.10"
},
{
"_id": null,
"model": "project openssl 1.0.2h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"_id": null,
"model": "anyconnect secure mobility client for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.1"
},
{
"_id": null,
"model": "telepresence system ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip ltm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "webex business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "big-ip aam hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.5(3)"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.18"
},
{
"_id": null,
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.19"
},
{
"_id": null,
"model": "nexus series blade switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8204.4"
},
{
"_id": null,
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"_id": null,
"model": "big-ip pem hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.0.0"
},
{
"_id": null,
"model": "big-ip apm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"_id": null,
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-376.1"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "jabber for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "telepresence profile series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "big-ip analytics hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.1.0.0"
},
{
"_id": null,
"model": "big-ip analytics hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.10"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "ace30 application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip analytics hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.28"
},
{
"_id": null,
"model": "edge digital media player 1.6rb5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.12"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"_id": null,
"model": "big-ip gtm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "big-ip afm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.0.0"
},
{
"_id": null,
"model": "telepresence isdn gateway mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.6.1.0"
},
{
"_id": null,
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "wireless lan controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.4"
},
{
"_id": null,
"model": "uc integration for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.3"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.5.0"
},
{
"_id": null,
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "big-ip websafe",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.404"
},
{
"_id": null,
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"_id": null,
"model": "telepresence system tx1310",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.151.05"
},
{
"_id": null,
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"_id": null,
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3"
},
{
"_id": null,
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"_id": null,
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-ip gtm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.33"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip ltm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "telepresence mx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"_id": null,
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(1)"
},
{
"_id": null,
"model": "big-ip afm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "spa122 analog telephone adapter with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip link controller hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "big-ip aam hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip link controller hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip ltm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip apm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"_id": null,
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.1"
},
{
"_id": null,
"model": "big-ip asm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"_id": null,
"model": "uc integration for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "openssh for gpfs for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "big-ip ltm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip apm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.401"
},
{
"_id": null,
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.8"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.15"
},
{
"_id": null,
"model": "bigfix remote control",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3"
},
{
"_id": null,
"model": "unity express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.7"
},
{
"_id": null,
"model": "project openssl 1.0.2f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"_id": null,
"model": "big-ip afm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"_id": null,
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip gtm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"_id": null,
"model": "tandberg codian isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "email gateway 7.6.405h1165239",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"_id": null,
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11"
},
{
"_id": null,
"model": "big-ip asm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "big-ip aam hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.9"
},
{
"_id": null,
"model": "big-ip websafe",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "digital media manager 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.4.0"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"_id": null,
"model": "big-ip asm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "ata series analog terminal adaptors",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"_id": null,
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ata series analog terminal adaptors",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"_id": null,
"model": "asr series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500021.2"
},
{
"_id": null,
"model": "project openssl 1.0.1t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-iq cloud hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"_id": null,
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.7"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"_id": null,
"model": "big-ip asm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.40.1.256"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.3"
},
{
"_id": null,
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"_id": null,
"model": "big-ip gtm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.19"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0"
},
{
"_id": null,
"model": "big-ip ltm hf11",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip apm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.110.104.180"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.2"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.25"
},
{
"_id": null,
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"_id": null,
"model": "big-ip aam build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"_id": null,
"model": "webex meetings server multimedia platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "unified ip conference phone 10.3.1sr4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"_id": null,
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.3.5"
},
{
"_id": null,
"model": "big-ip analytics hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"_id": null,
"model": "big-ip afm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"_id": null,
"model": "stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.2"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.3.0"
},
{
"_id": null,
"model": "ucs manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "big-ip edge gateway hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.11"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "big-ip gtm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(2)"
},
{
"_id": null,
"model": "big-ip apm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "big-ip gtm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"_id": null,
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"_id": null,
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "27000"
},
{
"_id": null,
"model": "onepk all-in-one virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip link controller hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip ltm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-iq centralized management",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.1"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-ip pem hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"_id": null,
"model": "big-iq cloud hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.6.0.1"
},
{
"_id": null,
"model": "industrial router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9100"
},
{
"_id": null,
"model": "big-ip asm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.1"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "big-ip asm hf11",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip asm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "unified intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip afm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"_id": null,
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "13006.1"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.7.0.0"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.7.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"_id": null,
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"_id": null,
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11006.1"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"_id": null,
"model": "packaged contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "big-ip gtm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-ip pem hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.2"
},
{
"_id": null,
"model": "telepresence sx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5"
},
{
"_id": null,
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"_id": null,
"model": "big-ip apm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-ip afm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "nac appliance clean access server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip apm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip aam hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "webex meetings for windows phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "big-ip ltm build 685-hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"_id": null,
"model": "big-ip analytics hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.1"
},
{
"_id": null,
"model": "prime optical for service providers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smart care",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.6.0"
},
{
"_id": null,
"model": "big-ip ltm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "big-ip ltm hf11",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"_id": null,
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.11"
},
{
"_id": null,
"model": "edge digital media player 1.2rb1.0.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "340"
},
{
"_id": null,
"model": "network performance analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.19"
},
{
"_id": null,
"model": "big-ip asm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "big-ip afm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "big-ip afm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "project openssl 1.0.2e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip link controller hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip afm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip aam hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "sonas",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.5"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "big-ip analytics build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.40.1.256"
},
{
"_id": null,
"model": "big-ip afm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"_id": null,
"model": "project openssl 1.0.1q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"_id": null,
"model": "webex meetings for windows phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "82.8"
},
{
"_id": null,
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.7"
},
{
"_id": null,
"model": "big-ip analytics hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0"
},
{
"_id": null,
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.7"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"_id": null,
"model": "telepresence integrator c series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "big-ip aam build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.110.104.180"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment intirim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.133"
},
{
"_id": null,
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.3"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.9"
},
{
"_id": null,
"model": "big-ip apm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "big-ip pem hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"_id": null,
"model": "big-ip ltm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.40.1.256"
},
{
"_id": null,
"model": "content security management appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.140"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.8"
},
{
"_id": null,
"model": "big-ip aam hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "stealthwatch udp director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "intrusion prevention system solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "big-iq centralized management",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"_id": null,
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.1"
},
{
"_id": null,
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "big-ip analytics hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.14"
},
{
"_id": null,
"model": "big-ip analytics hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"_id": null,
"model": "big-ip ltm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip ltm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "big-ip link controller hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "big-ip analytics build 685-hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "jabber client framework components",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified sip proxy software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"_id": null,
"model": "big-ip websafe",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "big-ip pem hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"_id": null,
"model": "big-ip link controller hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip afm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.403"
},
{
"_id": null,
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "big-ip analytics hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "unified sip proxy software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.3"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"_id": null,
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"_id": null,
"model": "telepresence server and mse",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "701087104.4"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.6"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"_id": null,
"model": "ucs series and series fabric interconnects",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "620063000"
},
{
"_id": null,
"model": "big-ip apm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"_id": null,
"model": "big-ip apm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"_id": null,
"model": "big-ip aam hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.6.0.0"
},
{
"_id": null,
"model": "big-ip gtm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "big-ip analytics hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.1"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"_id": null,
"model": "lotus protector for mail security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.8.3.0"
},
{
"_id": null,
"model": "netflow generation appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(1)"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.8"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"_id": null,
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.6"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.2"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.6"
},
{
"_id": null,
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.71"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.11"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"_id": null,
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "big-ip apm hf11",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip asm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip link controller hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.3-6513"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.28"
},
{
"_id": null,
"model": "big-ip pem hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.2.0"
},
{
"_id": null,
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "big-ip pem hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.9"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.29"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.18"
},
{
"_id": null,
"model": "big-ip dns hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "big-ip analytics hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip ltm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.07"
},
{
"_id": null,
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"_id": null,
"model": "big-ip asm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.8.15.7.15"
},
{
"_id": null,
"model": "big-ip aam hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.1.3"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "prime infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"_id": null,
"model": "big-ip asm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.66.204.442"
},
{
"_id": null,
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.23"
},
{
"_id": null,
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"_id": null,
"model": "big-ip gtm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"_id": null,
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"_id": null,
"model": "telepresence server on multiparty media and",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3103200"
},
{
"_id": null,
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.24"
},
{
"_id": null,
"model": "content security appliance update servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip psm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "big-ip websafe hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"_id": null,
"model": "videoscape anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7.2"
},
{
"_id": null,
"model": "big-iq centralized management",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.0"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.6"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.9"
},
{
"_id": null,
"model": "big-ip ltm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-ip afm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.3"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"_id": null,
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.4"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "big-ip websafe",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"_id": null,
"model": "big-ip link controller build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.40.1.256"
},
{
"_id": null,
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1.9"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.13"
},
{
"_id": null,
"model": "big-ip gtm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "big-ip link controller hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip aam hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"_id": null,
"model": "universal small cell iuh",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"_id": null,
"model": "big-ip analytics hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1.1"
},
{
"_id": null,
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.2"
},
{
"_id": null,
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.4"
},
{
"_id": null,
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-326.1"
},
{
"_id": null,
"model": "big-iq adc",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"_id": null,
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip aam hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.1.8"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.15"
},
{
"_id": null,
"model": "virtualization experience media edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"_id": null,
"model": "unity express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.1"
},
{
"_id": null,
"model": "big-ip aam hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip analytics hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"_id": null,
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10006.1"
},
{
"_id": null,
"model": "telepresence isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"_id": null,
"model": "big-ip afm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"_id": null,
"model": "series smart plus switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2200"
},
{
"_id": null,
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.21"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.0"
},
{
"_id": null,
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.4"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"_id": null,
"model": "big-ip websafe hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5.1"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.5"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "virtual security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip gtm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip link controller hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "big-ip link controller hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"_id": null,
"model": "big-ip asm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "telepresence tx9000 series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip gtm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip afm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.40.1.256"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"_id": null,
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip apm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"_id": null,
"model": "telepresence system series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30006.1"
},
{
"_id": null,
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"_id": null,
"model": "big-ip asm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.4"
},
{
"_id": null,
"model": "big-ip psm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-ip asm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.13"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.0"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.12"
},
{
"_id": null,
"model": "ucs b-series blade servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.1"
},
{
"_id": null,
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.5"
},
{
"_id": null,
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.9"
},
{
"_id": null,
"model": "big-ip dns hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip analytics hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.6.0.0"
},
{
"_id": null,
"model": "big-ip analytics build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.66.204.442"
},
{
"_id": null,
"model": "big-ip aam hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.32"
},
{
"_id": null,
"model": "big-ip link controller hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"_id": null,
"model": "big-iq cloud and orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.0"
},
{
"_id": null,
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"_id": null,
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.9"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"_id": null,
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"_id": null,
"model": "mds series multilayer switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"_id": null,
"model": "big-ip analytics hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"_id": null,
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-3.0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.1"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"_id": null,
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.1"
},
{
"_id": null,
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence tx9000 series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.2.0"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"_id": null,
"model": "big-ip gtm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.40.1.256"
},
{
"_id": null,
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip ltm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.66.204.442"
},
{
"_id": null,
"model": "smart net total care local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.12"
},
{
"_id": null,
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.8.9"
},
{
"_id": null,
"model": "big-ip aam build 685-hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"_id": null,
"model": "nexus series fabric switches aci mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"_id": null,
"model": "prime performance manager sp1611",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.7"
},
{
"_id": null,
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"_id": null,
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "big-ip gtm build 685-hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.22"
},
{
"_id": null,
"model": "unified ip phone 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.23"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"_id": null,
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.10"
},
{
"_id": null,
"model": "big-ip ltm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "telepresence server and mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "701087100"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.3"
},
{
"_id": null,
"model": "big-ip apm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.19"
},
{
"_id": null,
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270015.5(3)"
},
{
"_id": null,
"model": "big-ip ltm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.30"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.4"
},
{
"_id": null,
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.11"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip asm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"_id": null,
"model": "big-ip afm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "big-ip websafe hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"_id": null,
"model": "digital media manager 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "unified workforce optimization quality management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "telepresence integrator c series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"_id": null,
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.23"
},
{
"_id": null,
"model": "big-ip aam hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.13"
},
{
"_id": null,
"model": "spa122 analog telephone adapter with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"_id": null,
"model": "big-ip asm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"_id": null,
"model": "big-ip aam hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "cloud object storage",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.5"
},
{
"_id": null,
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"_id": null,
"model": "big-ip apm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.66.204.442"
},
{
"_id": null,
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.4"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3"
},
{
"_id": null,
"model": "big-ip pem hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.4"
},
{
"_id": null,
"model": "big-ip analytics hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.4"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.4"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"_id": null,
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "ace application control engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47100"
},
{
"_id": null,
"model": "big-ip asm build 685-hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"_id": null,
"model": "oss support tools",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "8.15.17.3.14"
},
{
"_id": null,
"model": "anyconnect secure mobility client for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"_id": null,
"model": "big-ip analytics hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"_id": null,
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"_id": null,
"model": "tivoli provisioning manager for images build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"_id": null,
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip psm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.2"
},
{
"_id": null,
"model": "big-ip pem hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"_id": null,
"model": "prime infrastructure plug and play standalone gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.6"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.19"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "project openssl 1.0.1u",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.3"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip websafe hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"_id": null,
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.2"
},
{
"_id": null,
"model": "jabber for iphone and ipad",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"_id": null,
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.0"
},
{
"_id": null,
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"_id": null,
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4.1"
},
{
"_id": null,
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0"
},
{
"_id": null,
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.3"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "big-ip wom hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"_id": null,
"model": "big-ip link controller build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.66.204.442"
},
{
"_id": null,
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.8"
},
{
"_id": null,
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "big-ip psm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(1.89)"
},
{
"_id": null,
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"_id": null,
"model": "big-ip asm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-ip afm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.003(002)"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.31"
},
{
"_id": null,
"model": "iworkflow",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0"
},
{
"_id": null,
"model": "big-ip dns hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"_id": null,
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.3"
},
{
"_id": null,
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip asm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.110.104.180"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.13"
},
{
"_id": null,
"model": "big-ip gtm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip asm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip analytics build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.400"
},
{
"_id": null,
"model": "big-ip apm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.40.1.256"
},
{
"_id": null,
"model": "big-ip afm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"_id": null,
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.12"
},
{
"_id": null,
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"_id": null,
"model": "prime network",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "431"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "big-ip aam hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"_id": null,
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.14"
},
{
"_id": null,
"model": "big-ip analytics hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.26"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "big-ip websafe hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "telepresence system ex series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"_id": null,
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "network analysis module 6.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "big-ip ltm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"_id": null,
"model": "mxe series media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "35000"
},
{
"_id": null,
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip afm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.66.204.442"
},
{
"_id": null,
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"_id": null,
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tandberg codian mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"_id": null,
"model": "ip series phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"_id": null,
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.9"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.3"
},
{
"_id": null,
"model": "big-ip pem hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "big-ip afm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "big-ip aam hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.27"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.17"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.18"
},
{
"_id": null,
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.2.0.0"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"_id": null,
"model": "big-ip aam hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "email gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.406-3402.103"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.1.1"
},
{
"_id": null,
"model": "unified meetingplace 8.6mr1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip analytics hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.9"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.2"
},
{
"_id": null,
"model": "big-ip asm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip pem hf11",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip ltm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"_id": null,
"model": "spa525g 5-line ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.1.0"
},
{
"_id": null,
"model": "secure access control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"_id": null,
"model": "unified ip conference phone for third-party call control 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"_id": null,
"model": "unified ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"_id": null,
"model": "big-ip ltm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"_id": null,
"model": "nexus series fabric switches aci mode",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.6"
},
{
"_id": null,
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "big-iq security hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"_id": null,
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "virtualization experience media edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip ltm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "email gateway 7.6.405h1157986",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"_id": null,
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"_id": null,
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.7"
},
{
"_id": null,
"model": "big-ip apm build 685-hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "registered envelope service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip pem hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"_id": null,
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.23"
},
{
"_id": null,
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip analytics hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"_id": null,
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.4"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.15"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.2"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "big-ip websafe",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"_id": null,
"model": "unified meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"_id": null,
"model": "big-ip websafe hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "big-ip pem hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"_id": null,
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"_id": null,
"model": "big-ip pem hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"_id": null,
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1.30"
},
{
"_id": null,
"model": "big-iq device hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"_id": null,
"model": "big-ip gtm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.66.204.442"
},
{
"_id": null,
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip afm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.13"
},
{
"_id": null,
"model": "big-ip ltm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.402"
},
{
"_id": null,
"model": "big-ip apm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"_id": null,
"model": "project openssl 1.0.1p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "93153"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-595"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
},
{
"db": "NVD",
"id": "CVE-2016-6306"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:nodejs:node.js",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:suse:linux_enterprise_module_for_web_scripting",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:icewall_federation_agent",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:icewall_mcrp",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:icewall_sso",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:capssuite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:enterprise_directoryserver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:enterpriseidentitymanager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:esmpro_serveragent",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:esmpro_serveragentservice",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:express5800",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ix1000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ix2000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ix3000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_portal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:hitachi_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:hitachi_application_server_for_developers",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:hitachi_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_light",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_primary_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_architect",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_platform",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
}
]
},
"credits": {
"_id": null,
"data": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-595"
}
],
"trust": 0.6
},
"cve": "CVE-2016-6306",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-6306",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2016-6306",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 5.9,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-6306",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-6306",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-6306",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201609-595",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-6306",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6306"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-595"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
},
{
"db": "NVD",
"id": "CVE-2016-6306"
}
]
},
"description": {
"_id": null,
"data": "The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c. Supplementary information : CWE Vulnerability type by CWE-125: Out-of-bounds Read ( Read out of bounds ) Has been identified. http://cwe.mitre.org/data/definitions/125.htmlService disruption through the manipulation of crafted certificates by third parties ( Read out of bounds ) There is a possibility of being put into a state. OpenSSL is prone to a local denial-of-service vulnerability. \nA local attacker can exploit this issue to cause a denial-of-service condition. \nOpenSSL Security Advisory [22 Sep 2016]\n========================================\n\nOCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n=====================================================================\n\nSeverity: High\n\nA malicious client can send an excessively large OCSP Status Request extension. \nIf that client continually requests renegotiation, sending a large OCSP Status\nRequest extension each time, then there will be unbounded memory growth on the\nserver. This will eventually lead to a Denial Of Service attack through memory\nexhaustion. Servers with a default configuration are vulnerable even if they do\nnot support OCSP. Builds using the \"no-ocsp\" build time option are not affected. \n\nServers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default\nconfiguration, instead only if an application explicitly enables OCSP stapling\nsupport. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nSSL_peek() hang on empty record (CVE-2016-6305)\n===============================================\n\nSeverity: Moderate\n\nOpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an\nempty record. This could be exploited by a malicious peer in a Denial Of Service\nattack. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nSWEET32 Mitigation (CVE-2016-2183)\n==================================\n\nSeverity: Low\n\nSWEET32 (https://sweet32.info) is an attack on older block cipher algorithms\nthat use a block size of 64 bits. In mitigation for the SWEET32 attack DES based\nciphersuites have been moved from the HIGH cipherstring group to MEDIUM in\nOpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these\nciphersuites disabled by default. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 16th August 2016 by Karthikeyan\nBhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the\nOpenSSL development team. \n\nOOB write in MDC2_Update() (CVE-2016-6303)\n==========================================\n\nSeverity: Low\n\nAn overflow can occur in MDC2_Update() either if called directly or\nthrough the EVP_DigestUpdate() function using MDC2. If an attacker\nis able to supply very large amounts of input data after a previous\ncall to EVP_EncryptUpdate() with a partial block then a length check\ncan overflow resulting in a heap corruption. \n\nThe amount of data needed is comparable to SIZE_MAX which is impractical\non most platforms. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nMalformed SHA512 ticket DoS (CVE-2016-6302)\n===========================================\n\nSeverity: Low\n\nIf a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a\nDoS attack where a malformed ticket will result in an OOB read which will\nultimately crash. \n\nThe use of SHA512 in TLS session tickets is comparatively rare as it requires\na custom server callback and ticket lookup mechanism. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB write in BN_bn2dec() (CVE-2016-2182)\n========================================\n\nSeverity: Low\n\nThe function BN_bn2dec() does not check the return value of BN_div_word(). \nThis can cause an OOB write if an application uses this function with an\noverly large BIGNUM. This could be a problem if an overly large certificate\nor CRL is printed out from an untrusted source. TLS is not affected because\nrecord limits will reject an oversized certificate before it is parsed. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB read in TS_OBJ_print_bio() (CVE-2016-2180)\n==============================================\n\nSeverity: Low\n\nThe function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is\nthe total length the OID text representation would use and not the amount\nof data written. This will result in OOB reads when large OIDs are presented. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nPointer arithmetic undefined behaviour (CVE-2016-2177)\n======================================================\n\nSeverity: Low\n\nAvoid some undefined pointer arithmetic\n\nA common idiom in the codebase is to check limits in the following manner:\n\"p + len \u003e limit\"\n\nWhere \"p\" points to some malloc\u0027d data of SIZE bytes and\nlimit == p + SIZE\n\n\"len\" here could be from some externally supplied data (e.g. from a TLS\nmessage). \n\nThe rules of C pointer arithmetic are such that \"p + len\" is only well\ndefined where len \u003c= SIZE. Therefore the above idiom is actually\nundefined behaviour. \n\nFor example this could cause problems if some malloc implementation\nprovides an address for \"p\" such that \"p + len\" actually overflows for\nvalues of len that are too big and therefore p + len \u003c limit. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nConstant time flag not preserved in DSA signing (CVE-2016-2178)\n===============================================================\n\nSeverity: Low\n\nOperations in the DSA signing algorithm should run in constant time in order to\navoid side channel attacks. A flaw in the OpenSSL DSA implementation means that\na non-constant time codepath is followed for certain operations. This has been\ndemonstrated through a cache-timing attack to be sufficient for an attacker to\nrecover the private DSA key. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 23rd May 2016 by C\u00e9sar Pereida (Aalto\nUniversity), Billy Brumley (Tampere University of Technology), and Yuval Yarom\n(The University of Adelaide and NICTA). The fix was developed by C\u00e9sar Pereida. \n\nDTLS buffered message DoS (CVE-2016-2179)\n=========================================\n\nSeverity: Low\n\nIn a DTLS connection where handshake messages are delivered out-of-order those\nmessages that OpenSSL is not yet ready to process will be buffered for later\nuse. Under certain circumstances, a flaw in the logic means that those messages\ndo not get removed from the buffer even though the handshake has been completed. \nAn attacker could force up to approx. 15 messages to remain in the buffer when\nthey are no longer required. These messages will be cleared when the DTLS\nconnection is closed. The default maximum size for a message is 100k. Therefore\nthe attacker could force an additional 1500k to be consumed per connection. By\nopening many simulataneous connections an attacker could cause a DoS attack\nthrough memory exhaustion. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was\ndeveloped by Matt Caswell of the OpenSSL development team. \n\nDTLS replay protection DoS (CVE-2016-2181)\n==========================================\n\nSeverity: Low\n\nA flaw in the DTLS replay attack protection mechanism means that records that\narrive for future epochs update the replay protection \"window\" before the MAC\nfor the record has been validated. This could be exploited by an attacker by\nsending a record for the next epoch (which does not have to decrypt or have a\nvalid MAC), with a very large sequence number. This means that all subsequent\nlegitimate packets are dropped causing a denial of service for a specific\nDTLS connection. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. \nThe fix was developed by Matt Caswell of the OpenSSL development team. \n\nCertificate message OOB reads (CVE-2016-6306)\n=============================================\n\nSeverity: Low\n\nIn OpenSSL 1.0.2 and earlier some missing message length checks can result in\nOOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical\nDoS risk but this has not been observed in practice on common platforms. \n\nThe messages affected are client certificate, client certificate request and\nserver certificate. As a result the attack can only be performed against\na client or a server which enables client authentication. \n\nOpenSSL 1.1.0 is not affected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in tls_get_message_header() (CVE-2016-6307)\n==========================================================================\n\nSeverity: Low\n\nA TLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect DTLS users. \n\nOpenSSL 1.1.0 TLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)\n=============================================================================\n\nSeverity: Low\n\nThis issue is very similar to CVE-2016-6307. The underlying defect is different\nbut the security analysis and impacts are the same except that it impacts DTLS. \n\nA DTLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect TLS users. \n\nOpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are advised to\nupgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those\nversions are no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160922.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2016:1940-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html\nIssue date: 2016-09-27\nCVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 \n CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 \n CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 6 and\nRed Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount of\nmemory and, possibly, exit unexpectedly after exhausting all available\nmemory, if it enabled OCSP stapling support. \n(CVE-2016-2178)\n\n* It was discovered that the Datagram TLS (DTLS) implementation could fail\nto release memory in certain cases. A malicious DTLS client could cause a\nDTLS server using OpenSSL to consume an excessive amount of memory and,\npossibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw\nto make a DTLS server using OpenSSL to reject further packets sent from a\nDTLS client over an established DTLS connection. (CVE-2016-2181)\n\n* An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec()\nfunction. (CVE-2016-2182)\n\n* A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL\nprotocol. A man-in-the-middle attacker could use this flaw to recover some\nplaintext data by capturing large amounts of encrypted traffic between\nTLS/SSL server and client if the communication used a DES/3DES based\nciphersuite. (CVE-2016-2183)\n\nThis update mitigates the CVE-2016-2183 issue by lowering priority of DES\ncipher suites so they are not preferred over cipher suites using AES. For\ncompatibility reasons, DES cipher suites remain enabled by default and\nincluded in the set of cipher suites identified by the HIGH cipher string. \nFuture updates may move them to MEDIUM or not enable them by default. \n\n* An integer underflow flaw leading to a buffer over-read was found in the\nway OpenSSL parsed TLS session tickets. (CVE-2016-6302)\n\n* Multiple integer overflow flaws were found in the way OpenSSL performed\npointer arithmetic. A remote attacker could possibly use these flaws to\ncause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)\n\n* An out of bounds read flaw was found in the way OpenSSL formatted Public\nKey Infrastructure Time-Stamp Protocol data for printing. An attacker could\npossibly cause an application using OpenSSL to crash if it printed time\nstamp data from the attacker. A remote attacker could\npossibly use these flaws to crash a TLS/SSL server or client using OpenSSL. \n(CVE-2016-6306)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304\nand CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase\n1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation\n1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio()\n1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()\n1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection\n1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)\n1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer\n1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks\n1377594 - CVE-2016-6306 openssl: certificate message OOB reads\n1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-static-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nppc64:\nopenssl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-2177\nhttps://access.redhat.com/security/cve/CVE-2016-2178\nhttps://access.redhat.com/security/cve/CVE-2016-2179\nhttps://access.redhat.com/security/cve/CVE-2016-2180\nhttps://access.redhat.com/security/cve/CVE-2016-2181\nhttps://access.redhat.com/security/cve/CVE-2016-2182\nhttps://access.redhat.com/security/cve/CVE-2016-6302\nhttps://access.redhat.com/security/cve/CVE-2016-6304\nhttps://access.redhat.com/security/cve/CVE-2016-6306\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://www.openssl.org/news/secadv/20160922.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI\nxpTW7ApBLmKhVjs49DGYouI=\n=4VgY\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Description:\n\nThis release adds the new Apache HTTP Server 2.4.29 packages that are part\nof the JBoss Core Services offering. \n\nThis release serves as a replacement for Red Hat JBoss Core Services\nApache HTTP Server 2.4.23, and includes bug fixes and enhancements. Refer\nto the Release Notes for information on the most significant bug fixes,\nenhancements and component upgrades included in this release. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-372 - Errata for httpd 2.4.29 GA RHEL 6\n\n7. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201612-16\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL: Multiple vulnerabilities\n Date: December 07, 2016\n Bugs: #581234, #585142, #585276, #591454, #592068, #592074,\n #592082, #594500, #595186\n ID: 201612-16\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, the worst of which\nallows attackers to conduct a time based side-channel attack. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.2j \u003e= 1.0.2j\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers and the International Association for Cryptologic\nResearch\u0027s (IACR) paper, \"Make Sure DSA Signing Exponentiations Really\nare Constant-Time\" for further details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.2j\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-2105\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105\n[ 2 ] CVE-2016-2106\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106\n[ 3 ] CVE-2016-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107\n[ 4 ] CVE-2016-2108\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108\n[ 5 ] CVE-2016-2109\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109\n[ 6 ] CVE-2016-2176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176\n[ 7 ] CVE-2016-2177\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177\n[ 8 ] CVE-2016-2178\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178\n[ 9 ] CVE-2016-2180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180\n[ 10 ] CVE-2016-2183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183\n[ 11 ] CVE-2016-6304\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304\n[ 12 ] CVE-2016-6305\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305\n[ 13 ] CVE-2016-6306\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306\n[ 14 ] CVE-2016-7052\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052\n[ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time\n http://eprint.iacr.org/2016/594.pdf\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201612-16\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. ==========================================================================\nUbuntu Security Notice USN-3087-2\nSeptember 23, 2016\n\nopenssl regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nUSN-3087-1 introduced a regression in OpenSSL. The fix for CVE-2016-2182 was\nincomplete and caused a regression when parsing certificates. This update\nfixes the problem. \n\nWe apologize for the inconvenience. This\n issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)\n Quan Luo discovered that OpenSSL did not properly restrict the lifetime\n of queue entries in the DTLS implementation. (CVE-2016-2181)\n Shi Lei discovered that OpenSSL incorrectly validated division results. \n (CVE-2016-2182)\n Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES\n ciphers were vulnerable to birthday attacks. \n (CVE-2016-2183)\n Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303)\n Shi Lei discovered that OpenSSL incorrectly performed certain message\n length checks. (CVE-2016-6306)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n libssl1.0.0 1.0.2g-1ubuntu4.5\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.21\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.38\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6306"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
},
{
"db": "BID",
"id": "93153"
},
{
"db": "VULMON",
"id": "CVE-2016-6306"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "138826"
}
],
"trust": 2.52
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2016-6306",
"trust": 3.4
},
{
"db": "BID",
"id": "93153",
"trust": 2.0
},
{
"db": "MCAFEE",
"id": "SB10215",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1036885",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-16",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-21",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-20",
"trust": 1.7
},
{
"db": "PULSESECURE",
"id": "SA40312",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU98667810",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004992",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2148",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4645",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201609-595",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-6306",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169633",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138870",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148525",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140056",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138820",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138826",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6306"
},
{
"db": "BID",
"id": "93153"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-595"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
},
{
"db": "NVD",
"id": "CVE-2016-6306"
}
]
},
"id": "VAR-201609-0592",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4116151236363636
},
"last_update_date": "2026-03-09T21:46:18.832000Z",
"patch": {
"_id": null,
"data": [
{
"title": "cisco-sa-20160927-openssl",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl"
},
{
"title": "hitachi-sec-2017-102",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-102/index.html"
},
{
"title": "HPSBGN03658",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05302448"
},
{
"title": "1995039",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"title": "NV17-001",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-001.html"
},
{
"title": "OpenSSL 1.0.2 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.2-notes.html"
},
{
"title": "OpenSSL 1.0.1 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.1-notes.html"
},
{
"title": "Security updates for all active release lines, September 2016",
"trust": 0.8,
"url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/"
},
{
"title": "Fix small OOB reads.",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=52e623c4cb06fffa9d5e75c60b34b4bc130b12e9"
},
{
"title": "Certificate message OOB reads (CVE-2016-6306)",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv/20160922.txt"
},
{
"title": "SUSE-SU-2016:2470",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"title": "Oracle Linux Bulletin - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"title": "Oracle VM Server for x86 Bulletin - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"title": "SA40312",
"trust": 0.8,
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312"
},
{
"title": "SA132",
"trust": 0.8,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"title": "JSA10759",
"trust": 0.8,
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759"
},
{
"title": "TNS-2016-16",
"trust": 0.8,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"title": "TLSA-2016-28",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2016/TLSA-2016-28j.html"
},
{
"title": "hitachi-sec-2017-102",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2017-102/index.html"
},
{
"title": "OpenSSL Remediation measures for denial of service vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=64373"
},
{
"title": "Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182187 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 7 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182185 - Security Advisory"
},
{
"title": "Red Hat: Important: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20161940 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 6 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182186 - Security Advisory"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2016-6306"
},
{
"title": "Red Hat: CVE-2016-6306",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2016-6306"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3087-2"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3087-1"
},
{
"title": "Amazon Linux AMI: ALAS-2016-755",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-755"
},
{
"title": "Arch Linux Advisories: [ASA-201609-23] openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201609-23"
},
{
"title": "Arch Linux Advisories: [ASA-201609-24] lib32-openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201609-24"
},
{
"title": "IBM: IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b7f5b1e7edcafce07f28205855d4db49"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
},
{
"title": "Forcepoint Security Advisories: CVE-2016-2180 to -2183, -6302 to -6309, -2179, -7052 OpenSSL Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=a9dd8a175d084c7432b7ad47715ac50c"
},
{
"title": "Tenable Security Advisories: [R7] Nessus 6.9 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-16"
},
{
"title": "Symantec Security Advisories: SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e6dcaf5dac6ef96a7d917a8c1393040"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160927-openssl"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=ac5af5dd99788925425f5747ec672707"
},
{
"title": "Tenable Security Advisories: [R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-20"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=586e6062440cdd312211d748e028164e"
},
{
"title": "Tenable Security Advisories: [R2] LCE 4.8.2 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-21"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6839c4d3fd328571c675c335d58b5591"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a31bff03e9909229fd67996884614fdf"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=21c0efa2643d707e2f50a501209eb75c"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=13f3551b67d913fba90df4b2c0dae0bf"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2016-6306 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6306"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-595"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-125",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
},
{
"db": "NVD",
"id": "CVE-2016-6306"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.2,
"url": "https://www.openssl.org/news/secadv/20160922.txt"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.9,
"url": "http://www.ubuntu.com/usn/usn-3087-1"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/93153"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201612-16"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1940.html"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2186"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-3087-2"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
},
{
"trust": 1.7,
"url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05302448"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"trust": 1.7,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
},
{
"trust": 1.7,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1036885"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-21"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:26.openssl.asc"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.7,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03856en_us"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2018:2187"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2018:2185"
},
{
"trust": 1.7,
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"trust": 1.7,
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"trust": 1.7,
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"trust": 1.7,
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"trust": 1.7,
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"trust": 1.7,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10215"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2016/dsa-3673"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html"
},
{
"trust": 1.7,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en\u0026docid=emr_na-hpesbhf03856en_us"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html"
},
{
"trust": 1.7,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24"
},
{
"trust": 1.7,
"url": "https://support.f5.com/csp/article/k90492697"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html"
},
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2017/jul/31"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-c05302448"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=52e623c4cb06fffa9d5e75c60b34b4bc130b12e9"
},
{
"trust": 0.9,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6306"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu98667810/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6306"
},
{
"trust": 0.8,
"url": "http://www.bizmobile.co.jp/news_02.php?id=4069\u0026nc=1"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
},
{
"trust": 0.6,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=52e623c4cb06fffa9d5e75c60b34b4bc130b12e9"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914246-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10887855"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4645/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2148/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6302"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2182"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2179"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2181"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory21.asc"
},
{
"trust": 0.3,
"url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-worklight-and-ibm-mobilefirst-platform-foundation-2/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024394"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=isg3t1024401"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024648"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021643"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/27000/pd27128/en_us/meg_7_6_406_3402_103_release_notes_en_us.pdf"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991896"
},
{
"trust": 0.3,
"url": "https://support.f5.com/kb/en-us/solutions/public/k/90/sol90492697.html?sr=59127107"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009586"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1009648"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21985392"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991724"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992348"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992427"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992681"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992898"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993061"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993601"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993856"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993875"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995129"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995392"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995393"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995691"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6303"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-6306"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2182"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-6302"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-6306"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3087-2/"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6308"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://sweet32.info)"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6307"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2180"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2181"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6304"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2179"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2178"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3731"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7055"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3738"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-3731"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-3737"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3732"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-3738"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-3732"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.29/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-7055"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3737"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-3736"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3736"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2183"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2178"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7052"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6304"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6305"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2106"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2108"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7052"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2109"
},
{
"trust": 0.1,
"url": "http://eprint.iacr.org/2016/594.pdf"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2176"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6306"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.37"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.20"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.21"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.38"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1626883"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6306"
},
{
"db": "BID",
"id": "93153"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-595"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
},
{
"db": "NVD",
"id": "CVE-2016-6306"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2016-6306",
"ident": null
},
{
"db": "BID",
"id": "93153",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169633",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "138870",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "148525",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "140056",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "138820",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "138826",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201609-595",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004992",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2016-6306",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-09-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6306",
"ident": null
},
{
"date": "2016-09-23T00:00:00",
"db": "BID",
"id": "93153",
"ident": null
},
{
"date": "2016-09-22T12:12:12",
"db": "PACKETSTORM",
"id": "169633",
"ident": null
},
{
"date": "2016-09-27T19:32:00",
"db": "PACKETSTORM",
"id": "138870",
"ident": null
},
{
"date": "2018-07-12T21:48:57",
"db": "PACKETSTORM",
"id": "148525",
"ident": null
},
{
"date": "2016-12-07T16:37:31",
"db": "PACKETSTORM",
"id": "140056",
"ident": null
},
{
"date": "2016-09-22T22:25:00",
"db": "PACKETSTORM",
"id": "138820",
"ident": null
},
{
"date": "2016-09-23T19:19:00",
"db": "PACKETSTORM",
"id": "138826",
"ident": null
},
{
"date": "2016-09-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-595",
"ident": null
},
{
"date": "2016-09-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004992",
"ident": null
},
{
"date": "2016-09-26T19:59:02.910000",
"db": "NVD",
"id": "CVE-2016-6306",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6306",
"ident": null
},
{
"date": "2017-12-19T22:37:00",
"db": "BID",
"id": "93153",
"ident": null
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-595",
"ident": null
},
{
"date": "2017-07-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004992",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-6306",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-595"
}
],
"trust": 1.0
},
"title": {
"_id": null,
"data": "OpenSSL Denial of service in a certificate parser (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-595"
}
],
"trust": 0.6
}
}
WID-SEC-W-2024-0209
Vulnerability from csaf_certbund - Published: 2016-09-22 22:00 - Updated: 2025-11-02 23:00Summary
OpenSSL: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in OpenSSL ausnutzen, um Sicherheitsvorkehrungen zu umgehen, einen Denial of Service Angriff durchzuführen oder vertrauliche Informationen offenzulegen.
Betroffene Betriebssysteme: - Appliance
- CISCO Appliance
- F5 Networks
- Juniper Appliance
- Linux
- UNIX
- Windows
Affected products
Known affected
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Cisco WebEx Meetings Server
Cisco
|
cpe:/a:cisco:webex_meetings_server:-
|
— | |
|
HPE Loadrunner Software
HPE
|
cpe:/a:hp:loadrunner:-
|
— | |
|
FreeBSD Project FreeBSD OS 9
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.0
|
9 | |
|
Juniper Junos Space
Juniper / Junos Space
|
cpe:/a:juniper:junos_space:-
|
— | |
|
NetApp OnCommand Unified Manager
NetApp
|
cpe:/a:netapp:oncommand_unified_manager:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
Blue Coat Director 6.1
Blue Coat / Director
|
cpe:/a:bluecoat:director:6.1
|
6.1 | |
|
Cisco Unified MeetingPlace (MP)
Cisco
|
cpe:/a:cisco:unified_meetingplace:-
|
— | |
|
Blue Coat ProxySG 6.5
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.5
|
6.5 | |
|
Blue Coat ProxySG 6.6
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.6
|
6.6 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:2.0
|
— | |
|
Cisco Prime Infrastructure
Cisco
|
cpe:/a:cisco:prime_infrastructure:-
|
— | |
|
IBM Rational Build Forge <8.0.0.27
IBM / Rational Build Forge
|
<8.0.0.27 | ||
|
F5 WAN Optimization Manager
F5
|
cpe:/a:f5:big-ip_wan_optimization_manager:-
|
— | |
|
Cisco Small Business 300 Series Managed Switches
Cisco
|
cpe:/h:cisco:small_business_300_series_managed_switches:1.2.7.76
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
HPE SiteScope
HPE
|
cpe:/a:hp:sitescope:-
|
— | |
|
Cisco ONS
Cisco
|
cpe:/h:cisco:ons:15454
|
— | |
|
Cisco WebEx Node for MCS
Cisco
|
cpe:/a:cisco:webex_node_for_mcs:-
|
— | |
|
Cisco Prime Collaboration
Cisco
|
cpe:/a:cisco:prime_collaboration:-
|
— | |
|
Arista EOS
Arista
|
cpe:/o:arista:arista_eos:4.15
|
— | |
|
Cisco Show and Share
Cisco
|
cpe:/a:cisco:show_and_share:-
|
— | |
|
FreeBSD Project FreeBSD OS 11-11.0
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:11
|
11-11.0 | |
|
Cisco Nexus 2000
Cisco
|
cpe:/h:cisco:nexus:3000
|
— | |
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:12:ltss
|
— | |
|
Cisco Video Surveillance
Cisco
|
cpe:/a:cisco:video_surveillance_ip_gateway_encoder_decoder:-
|
— | |
|
Cisco Nexus 7000
Cisco
|
cpe:/h:cisco:nexus_7000:-
|
— | |
|
Cisco Nexus 5000
Cisco
|
cpe:/h:cisco:nexus_5000:-
|
— | |
|
Cisco TelePresence
Cisco
|
cpe:/h:cisco:telepresence_video_communication_server:-::control
|
— | |
|
HPE Performance Center
HPE
|
cpe:/a:hp:performance_center:-
|
— | |
|
Cisco Emergency Responder
Cisco
|
cpe:/a:cisco:emergency_responder:-
|
— | |
|
Cisco Network Analysis Module
Cisco
|
cpe:/h:cisco:network_analysis_module:-
|
— | |
|
Dell NetWorker <19.10
Dell / NetWorker
|
<19.10 | ||
|
Cisco Secure Access Control Server (ACS)
Cisco
|
cpe:/a:cisco:secure_access_control_server:2.1%284%29:-:windows
|
— | |
|
Xerox FreeFlow Print Server
Xerox
|
cpe:/a:xerox:freeflow_print_server:8
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Cisco Security Manager (CSM)
Cisco
|
cpe:/a:cisco:security_manager:-
|
— | |
|
Debian Linux Jessie (8.0)
Debian
|
cpe:/o:debian:debian_linux:8.0
|
— | |
|
Cisco WebEx Meeting Center
Cisco
|
cpe:/a:cisco:webex_meeting_center:-
|
— | |
|
Blue Coat ProxyAV 3.5
Blue Coat / ProxyAV
|
cpe:/h:bluecoat:proxyav:3.5
|
3.5 | |
|
Cisco Unified Contact Center Express (UCCX)
Cisco
|
cpe:/h:cisco:unified_contact_center_express:-
|
— | |
|
Ubuntu Linux 16.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:16.04_lts
|
16.04 LTS | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux 14.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:14.04:-:lts
|
14.04 LTS | |
|
Cisco Intrusion Prevention System (IPS)
Cisco
|
cpe:/h:cisco:intrusion_prevention_system:-
|
— | |
|
Cisco Unified Communications Domain Manager (CUCDM)
Cisco
|
cpe:/a:cisco:unified_communications_domain_manager:-
|
— | |
|
Cisco Application Networking Manager
Cisco
|
cpe:/a:cisco:application_networking_manager:-
|
— | |
|
Juniper Junos Space <24.1R2
Juniper / Junos Space
|
<24.1R2 | ||
|
Cisco Unity Express
Cisco
|
cpe:/h:cisco:unity_express:-
|
— | |
|
F5 FirePass
F5
|
cpe:/a:f5:firepass:-
|
— | |
|
F5 ARX 6.2.0-6.4.0
F5 / ARX
|
cpe:/a:f5:arx:-
|
6.2.0-6.4.0 | |
|
Cisco MDS 9000
Cisco
|
cpe:/o:cisco:mds_9000:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Cisco IOS
Cisco
|
cpe:/o:cisco:ios:10.0
|
— | |
|
Open Source OpenSSL <1.0.1u
Open Source / OpenSSL
|
<1.0.1u | ||
|
Cisco IOS XE
Cisco
|
cpe:/o:cisco:ios_xe:3.1.0s
|
— | |
|
Cisco Advanced Malware Protection
Cisco
|
cpe:/h:cisco:advanced_malware_protection:-
|
— | |
|
Cisco Unity Connection
Cisco
|
cpe:/a:cisco:unity_connection:1.1
|
— | |
|
Xerox Phaser
Xerox
|
cpe:/h:xerox:phaser:-
|
— | |
|
FreeBSD Project FreeBSD OS 10-10.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:10.3
|
10-10.3 | |
|
Cisco Packet Tracer
Cisco
|
cpe:/a:cisco:packet_tracer:5.2
|
— | |
|
Tenable Security Nessus 6.8-6.8.2
Tenable Security / Nessus
|
cpe:/a:tenable:nessus:6.8.2
|
6.8-6.8.2 | |
|
Open Source OpenSSL <1.1.0a
Open Source / OpenSSL
|
<1.1.0a | ||
|
Cisco Nexus 6000
Cisco
|
cpe:/h:cisco:nexus_6000:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
HPE Integrated Lights-Out 4
HPE / Integrated Lights-Out
|
cpe:/h:hp:integrated_lights-out:4.0
|
4 | |
|
Cisco Nexus 9000
Cisco
|
cpe:/h:cisco:nexus_9000:-
|
— | |
|
Cisco Unified Contact Center Enterprise
Cisco
|
cpe:/a:cisco:unified_contact_center_enterprise:-
|
— | |
|
Cisco Unified Communications Manager (CUCM)
Cisco
|
cpe:/a:cisco:unified_communications_manager:-
|
— | |
|
Cisco Wide Area Application Services
Cisco
|
cpe:/a:cisco:wide_area_application_services:-
|
— | |
|
Cisco Nexus 1000V
Cisco
|
cpe:/h:cisco:nexus_1000v:-
|
— | |
|
Open Source OpenSSL <1.0.2i
Open Source / OpenSSL
|
<1.0.2i | ||
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Email Security Appliance
Cisco
|
cpe:/h:cisco:email_security_appliance:-
|
— | |
|
Ubuntu Linux 12.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:12.04:-:lts
|
12.04 LTS | |
|
Cisco Digital Media Manager
Cisco
|
cpe:/a:cisco:digital_media_manager:-
|
— | |
|
F5 WebAccelerator
F5
|
cpe:/h:f5:big-ip_webaccelerator:10.2.4
|
— | |
|
Cisco Unified IP Phone
Cisco
|
cpe:/h:cisco:unified_ip_phones:::9900_series
|
— | |
|
FreeBSD Project FreeBSD OS 9.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.3
|
9.3 | |
|
Cisco ACE
Cisco
|
cpe:/a:cisco:application_control_engine_software:a1%287%29
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Cisco Wireless LAN Controllers
Cisco
|
cpe:/a:cisco:wireless_lan_controllers:-
|
— |
Affected products
Known affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Cisco WebEx Meetings Server
Cisco
|
cpe:/a:cisco:webex_meetings_server:-
|
— | |
|
HPE Loadrunner Software
HPE
|
cpe:/a:hp:loadrunner:-
|
— | |
|
FreeBSD Project FreeBSD OS 9
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.0
|
9 | |
|
Juniper Junos Space
Juniper / Junos Space
|
cpe:/a:juniper:junos_space:-
|
— | |
|
NetApp OnCommand Unified Manager
NetApp
|
cpe:/a:netapp:oncommand_unified_manager:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
Blue Coat Director 6.1
Blue Coat / Director
|
cpe:/a:bluecoat:director:6.1
|
6.1 | |
|
Cisco Unified MeetingPlace (MP)
Cisco
|
cpe:/a:cisco:unified_meetingplace:-
|
— | |
|
Blue Coat ProxySG 6.5
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.5
|
6.5 | |
|
Blue Coat ProxySG 6.6
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.6
|
6.6 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:2.0
|
— | |
|
Cisco Prime Infrastructure
Cisco
|
cpe:/a:cisco:prime_infrastructure:-
|
— | |
|
IBM Rational Build Forge <8.0.0.27
IBM / Rational Build Forge
|
<8.0.0.27 | ||
|
F5 WAN Optimization Manager
F5
|
cpe:/a:f5:big-ip_wan_optimization_manager:-
|
— | |
|
Cisco Small Business 300 Series Managed Switches
Cisco
|
cpe:/h:cisco:small_business_300_series_managed_switches:1.2.7.76
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
HPE SiteScope
HPE
|
cpe:/a:hp:sitescope:-
|
— | |
|
Cisco ONS
Cisco
|
cpe:/h:cisco:ons:15454
|
— | |
|
Cisco WebEx Node for MCS
Cisco
|
cpe:/a:cisco:webex_node_for_mcs:-
|
— | |
|
Cisco Prime Collaboration
Cisco
|
cpe:/a:cisco:prime_collaboration:-
|
— | |
|
Arista EOS
Arista
|
cpe:/o:arista:arista_eos:4.15
|
— | |
|
Cisco Show and Share
Cisco
|
cpe:/a:cisco:show_and_share:-
|
— | |
|
FreeBSD Project FreeBSD OS 11-11.0
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:11
|
11-11.0 | |
|
Cisco Nexus 2000
Cisco
|
cpe:/h:cisco:nexus:3000
|
— | |
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:12:ltss
|
— | |
|
Cisco Video Surveillance
Cisco
|
cpe:/a:cisco:video_surveillance_ip_gateway_encoder_decoder:-
|
— | |
|
Cisco Nexus 7000
Cisco
|
cpe:/h:cisco:nexus_7000:-
|
— | |
|
Cisco Nexus 5000
Cisco
|
cpe:/h:cisco:nexus_5000:-
|
— | |
|
Cisco TelePresence
Cisco
|
cpe:/h:cisco:telepresence_video_communication_server:-::control
|
— | |
|
HPE Performance Center
HPE
|
cpe:/a:hp:performance_center:-
|
— | |
|
Cisco Emergency Responder
Cisco
|
cpe:/a:cisco:emergency_responder:-
|
— | |
|
Cisco Network Analysis Module
Cisco
|
cpe:/h:cisco:network_analysis_module:-
|
— | |
|
Dell NetWorker <19.10
Dell / NetWorker
|
<19.10 | ||
|
Cisco Secure Access Control Server (ACS)
Cisco
|
cpe:/a:cisco:secure_access_control_server:2.1%284%29:-:windows
|
— | |
|
Xerox FreeFlow Print Server
Xerox
|
cpe:/a:xerox:freeflow_print_server:8
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Cisco Security Manager (CSM)
Cisco
|
cpe:/a:cisco:security_manager:-
|
— | |
|
Debian Linux Jessie (8.0)
Debian
|
cpe:/o:debian:debian_linux:8.0
|
— | |
|
Cisco WebEx Meeting Center
Cisco
|
cpe:/a:cisco:webex_meeting_center:-
|
— | |
|
Blue Coat ProxyAV 3.5
Blue Coat / ProxyAV
|
cpe:/h:bluecoat:proxyav:3.5
|
3.5 | |
|
Cisco Unified Contact Center Express (UCCX)
Cisco
|
cpe:/h:cisco:unified_contact_center_express:-
|
— | |
|
Ubuntu Linux 16.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:16.04_lts
|
16.04 LTS | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux 14.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:14.04:-:lts
|
14.04 LTS | |
|
Cisco Intrusion Prevention System (IPS)
Cisco
|
cpe:/h:cisco:intrusion_prevention_system:-
|
— | |
|
Cisco Unified Communications Domain Manager (CUCDM)
Cisco
|
cpe:/a:cisco:unified_communications_domain_manager:-
|
— | |
|
Cisco Application Networking Manager
Cisco
|
cpe:/a:cisco:application_networking_manager:-
|
— | |
|
Juniper Junos Space <24.1R2
Juniper / Junos Space
|
<24.1R2 | ||
|
Xerox WorkCentre
Xerox
|
cpe:/h:xerox:workcentre:-
|
— | |
|
Cisco Unity Express
Cisco
|
cpe:/h:cisco:unity_express:-
|
— | |
|
F5 FirePass
F5
|
cpe:/a:f5:firepass:-
|
— | |
|
F5 ARX 6.2.0-6.4.0
F5 / ARX
|
cpe:/a:f5:arx:-
|
6.2.0-6.4.0 | |
|
Cisco MDS 9000
Cisco
|
cpe:/o:cisco:mds_9000:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Cisco IOS
Cisco
|
cpe:/o:cisco:ios:10.0
|
— | |
|
Open Source OpenSSL <1.0.1u
Open Source / OpenSSL
|
<1.0.1u | ||
|
Cisco IOS XE
Cisco
|
cpe:/o:cisco:ios_xe:3.1.0s
|
— | |
|
Cisco Advanced Malware Protection
Cisco
|
cpe:/h:cisco:advanced_malware_protection:-
|
— | |
|
Cisco Unity Connection
Cisco
|
cpe:/a:cisco:unity_connection:1.1
|
— | |
|
Xerox Phaser
Xerox
|
cpe:/h:xerox:phaser:-
|
— | |
|
FreeBSD Project FreeBSD OS 10-10.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:10.3
|
10-10.3 | |
|
Cisco Packet Tracer
Cisco
|
cpe:/a:cisco:packet_tracer:5.2
|
— | |
|
Tenable Security Nessus 6.8-6.8.2
Tenable Security / Nessus
|
cpe:/a:tenable:nessus:6.8.2
|
6.8-6.8.2 | |
|
Open Source OpenSSL <1.1.0a
Open Source / OpenSSL
|
<1.1.0a | ||
|
Cisco Nexus 6000
Cisco
|
cpe:/h:cisco:nexus_6000:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
HPE Integrated Lights-Out 4
HPE / Integrated Lights-Out
|
cpe:/h:hp:integrated_lights-out:4.0
|
4 | |
|
Cisco Nexus 9000
Cisco
|
cpe:/h:cisco:nexus_9000:-
|
— | |
|
Cisco Unified Contact Center Enterprise
Cisco
|
cpe:/a:cisco:unified_contact_center_enterprise:-
|
— | |
|
Cisco Unified Communications Manager (CUCM)
Cisco
|
cpe:/a:cisco:unified_communications_manager:-
|
— | |
|
Cisco Wide Area Application Services
Cisco
|
cpe:/a:cisco:wide_area_application_services:-
|
— | |
|
Cisco Nexus 1000V
Cisco
|
cpe:/h:cisco:nexus_1000v:-
|
— | |
|
Open Source OpenSSL <1.0.2i
Open Source / OpenSSL
|
<1.0.2i | ||
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Email Security Appliance
Cisco
|
cpe:/h:cisco:email_security_appliance:-
|
— | |
|
Ubuntu Linux 12.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:12.04:-:lts
|
12.04 LTS | |
|
Cisco Digital Media Manager
Cisco
|
cpe:/a:cisco:digital_media_manager:-
|
— | |
|
F5 WebAccelerator
F5
|
cpe:/h:f5:big-ip_webaccelerator:10.2.4
|
— | |
|
Cisco Unified IP Phone
Cisco
|
cpe:/h:cisco:unified_ip_phones:::9900_series
|
— | |
|
FreeBSD Project FreeBSD OS 9.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.3
|
9.3 | |
|
Cisco ACE
Cisco
|
cpe:/a:cisco:application_control_engine_software:a1%287%29
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Cisco Wireless LAN Controllers
Cisco
|
cpe:/a:cisco:wireless_lan_controllers:-
|
— |
Affected products
Known affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Cisco WebEx Meetings Server
Cisco
|
cpe:/a:cisco:webex_meetings_server:-
|
— | |
|
HPE Loadrunner Software
HPE
|
cpe:/a:hp:loadrunner:-
|
— | |
|
FreeBSD Project FreeBSD OS 9
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.0
|
9 | |
|
Juniper Junos Space
Juniper / Junos Space
|
cpe:/a:juniper:junos_space:-
|
— | |
|
NetApp OnCommand Unified Manager
NetApp
|
cpe:/a:netapp:oncommand_unified_manager:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
Blue Coat Director 6.1
Blue Coat / Director
|
cpe:/a:bluecoat:director:6.1
|
6.1 | |
|
Cisco Unified MeetingPlace (MP)
Cisco
|
cpe:/a:cisco:unified_meetingplace:-
|
— | |
|
Blue Coat ProxySG 6.5
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.5
|
6.5 | |
|
Blue Coat ProxySG 6.6
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.6
|
6.6 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:2.0
|
— | |
|
Cisco Prime Infrastructure
Cisco
|
cpe:/a:cisco:prime_infrastructure:-
|
— | |
|
IBM Rational Build Forge <8.0.0.27
IBM / Rational Build Forge
|
<8.0.0.27 | ||
|
F5 WAN Optimization Manager
F5
|
cpe:/a:f5:big-ip_wan_optimization_manager:-
|
— | |
|
Cisco Small Business 300 Series Managed Switches
Cisco
|
cpe:/h:cisco:small_business_300_series_managed_switches:1.2.7.76
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
HPE SiteScope
HPE
|
cpe:/a:hp:sitescope:-
|
— | |
|
Cisco ONS
Cisco
|
cpe:/h:cisco:ons:15454
|
— | |
|
Cisco WebEx Node for MCS
Cisco
|
cpe:/a:cisco:webex_node_for_mcs:-
|
— | |
|
Cisco Prime Collaboration
Cisco
|
cpe:/a:cisco:prime_collaboration:-
|
— | |
|
Arista EOS
Arista
|
cpe:/o:arista:arista_eos:4.15
|
— | |
|
Cisco Show and Share
Cisco
|
cpe:/a:cisco:show_and_share:-
|
— | |
|
FreeBSD Project FreeBSD OS 11-11.0
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:11
|
11-11.0 | |
|
Cisco Nexus 2000
Cisco
|
cpe:/h:cisco:nexus:3000
|
— | |
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:12:ltss
|
— | |
|
Cisco Video Surveillance
Cisco
|
cpe:/a:cisco:video_surveillance_ip_gateway_encoder_decoder:-
|
— | |
|
Cisco Nexus 7000
Cisco
|
cpe:/h:cisco:nexus_7000:-
|
— | |
|
Cisco Nexus 5000
Cisco
|
cpe:/h:cisco:nexus_5000:-
|
— | |
|
Cisco TelePresence
Cisco
|
cpe:/h:cisco:telepresence_video_communication_server:-::control
|
— | |
|
HPE Performance Center
HPE
|
cpe:/a:hp:performance_center:-
|
— | |
|
Cisco Emergency Responder
Cisco
|
cpe:/a:cisco:emergency_responder:-
|
— | |
|
Cisco Network Analysis Module
Cisco
|
cpe:/h:cisco:network_analysis_module:-
|
— | |
|
Dell NetWorker <19.10
Dell / NetWorker
|
<19.10 | ||
|
Cisco Secure Access Control Server (ACS)
Cisco
|
cpe:/a:cisco:secure_access_control_server:2.1%284%29:-:windows
|
— | |
|
Xerox FreeFlow Print Server
Xerox
|
cpe:/a:xerox:freeflow_print_server:8
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Cisco Security Manager (CSM)
Cisco
|
cpe:/a:cisco:security_manager:-
|
— | |
|
Debian Linux Jessie (8.0)
Debian
|
cpe:/o:debian:debian_linux:8.0
|
— | |
|
Cisco WebEx Meeting Center
Cisco
|
cpe:/a:cisco:webex_meeting_center:-
|
— | |
|
Blue Coat ProxyAV 3.5
Blue Coat / ProxyAV
|
cpe:/h:bluecoat:proxyav:3.5
|
3.5 | |
|
Cisco Unified Contact Center Express (UCCX)
Cisco
|
cpe:/h:cisco:unified_contact_center_express:-
|
— | |
|
Ubuntu Linux 16.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:16.04_lts
|
16.04 LTS | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux 14.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:14.04:-:lts
|
14.04 LTS | |
|
Cisco Intrusion Prevention System (IPS)
Cisco
|
cpe:/h:cisco:intrusion_prevention_system:-
|
— | |
|
Cisco Unified Communications Domain Manager (CUCDM)
Cisco
|
cpe:/a:cisco:unified_communications_domain_manager:-
|
— | |
|
Cisco Application Networking Manager
Cisco
|
cpe:/a:cisco:application_networking_manager:-
|
— | |
|
Juniper Junos Space <24.1R2
Juniper / Junos Space
|
<24.1R2 | ||
|
Xerox WorkCentre
Xerox
|
cpe:/h:xerox:workcentre:-
|
— | |
|
Cisco Unity Express
Cisco
|
cpe:/h:cisco:unity_express:-
|
— | |
|
F5 FirePass
F5
|
cpe:/a:f5:firepass:-
|
— | |
|
F5 ARX 6.2.0-6.4.0
F5 / ARX
|
cpe:/a:f5:arx:-
|
6.2.0-6.4.0 | |
|
Cisco MDS 9000
Cisco
|
cpe:/o:cisco:mds_9000:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Cisco IOS
Cisco
|
cpe:/o:cisco:ios:10.0
|
— | |
|
Open Source OpenSSL <1.0.1u
Open Source / OpenSSL
|
<1.0.1u | ||
|
Cisco IOS XE
Cisco
|
cpe:/o:cisco:ios_xe:3.1.0s
|
— | |
|
Cisco Advanced Malware Protection
Cisco
|
cpe:/h:cisco:advanced_malware_protection:-
|
— | |
|
Cisco Unity Connection
Cisco
|
cpe:/a:cisco:unity_connection:1.1
|
— | |
|
Xerox Phaser
Xerox
|
cpe:/h:xerox:phaser:-
|
— | |
|
FreeBSD Project FreeBSD OS 10-10.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:10.3
|
10-10.3 | |
|
Cisco Packet Tracer
Cisco
|
cpe:/a:cisco:packet_tracer:5.2
|
— | |
|
Tenable Security Nessus 6.8-6.8.2
Tenable Security / Nessus
|
cpe:/a:tenable:nessus:6.8.2
|
6.8-6.8.2 | |
|
Open Source OpenSSL <1.1.0a
Open Source / OpenSSL
|
<1.1.0a | ||
|
Cisco Nexus 6000
Cisco
|
cpe:/h:cisco:nexus_6000:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
HPE Integrated Lights-Out 4
HPE / Integrated Lights-Out
|
cpe:/h:hp:integrated_lights-out:4.0
|
4 | |
|
Cisco Nexus 9000
Cisco
|
cpe:/h:cisco:nexus_9000:-
|
— | |
|
Cisco Unified Contact Center Enterprise
Cisco
|
cpe:/a:cisco:unified_contact_center_enterprise:-
|
— | |
|
Cisco Unified Communications Manager (CUCM)
Cisco
|
cpe:/a:cisco:unified_communications_manager:-
|
— | |
|
Cisco Wide Area Application Services
Cisco
|
cpe:/a:cisco:wide_area_application_services:-
|
— | |
|
Cisco Nexus 1000V
Cisco
|
cpe:/h:cisco:nexus_1000v:-
|
— | |
|
Open Source OpenSSL <1.0.2i
Open Source / OpenSSL
|
<1.0.2i | ||
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Email Security Appliance
Cisco
|
cpe:/h:cisco:email_security_appliance:-
|
— | |
|
Ubuntu Linux 12.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:12.04:-:lts
|
12.04 LTS | |
|
Cisco Digital Media Manager
Cisco
|
cpe:/a:cisco:digital_media_manager:-
|
— | |
|
F5 WebAccelerator
F5
|
cpe:/h:f5:big-ip_webaccelerator:10.2.4
|
— | |
|
Cisco Unified IP Phone
Cisco
|
cpe:/h:cisco:unified_ip_phones:::9900_series
|
— | |
|
FreeBSD Project FreeBSD OS 9.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.3
|
9.3 | |
|
Cisco ACE
Cisco
|
cpe:/a:cisco:application_control_engine_software:a1%287%29
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Cisco Wireless LAN Controllers
Cisco
|
cpe:/a:cisco:wireless_lan_controllers:-
|
— |
Affected products
Known affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Cisco WebEx Meetings Server
Cisco
|
cpe:/a:cisco:webex_meetings_server:-
|
— | |
|
HPE Loadrunner Software
HPE
|
cpe:/a:hp:loadrunner:-
|
— | |
|
FreeBSD Project FreeBSD OS 9
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.0
|
9 | |
|
Juniper Junos Space
Juniper / Junos Space
|
cpe:/a:juniper:junos_space:-
|
— | |
|
NetApp OnCommand Unified Manager
NetApp
|
cpe:/a:netapp:oncommand_unified_manager:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
Blue Coat Director 6.1
Blue Coat / Director
|
cpe:/a:bluecoat:director:6.1
|
6.1 | |
|
Cisco Unified MeetingPlace (MP)
Cisco
|
cpe:/a:cisco:unified_meetingplace:-
|
— | |
|
Blue Coat ProxySG 6.5
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.5
|
6.5 | |
|
Blue Coat ProxySG 6.6
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.6
|
6.6 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:2.0
|
— | |
|
Cisco Prime Infrastructure
Cisco
|
cpe:/a:cisco:prime_infrastructure:-
|
— | |
|
IBM Rational Build Forge <8.0.0.27
IBM / Rational Build Forge
|
<8.0.0.27 | ||
|
F5 WAN Optimization Manager
F5
|
cpe:/a:f5:big-ip_wan_optimization_manager:-
|
— | |
|
Cisco Small Business 300 Series Managed Switches
Cisco
|
cpe:/h:cisco:small_business_300_series_managed_switches:1.2.7.76
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
HPE SiteScope
HPE
|
cpe:/a:hp:sitescope:-
|
— | |
|
Cisco ONS
Cisco
|
cpe:/h:cisco:ons:15454
|
— | |
|
Cisco WebEx Node for MCS
Cisco
|
cpe:/a:cisco:webex_node_for_mcs:-
|
— | |
|
Cisco Prime Collaboration
Cisco
|
cpe:/a:cisco:prime_collaboration:-
|
— | |
|
Arista EOS
Arista
|
cpe:/o:arista:arista_eos:4.15
|
— | |
|
Cisco Show and Share
Cisco
|
cpe:/a:cisco:show_and_share:-
|
— | |
|
FreeBSD Project FreeBSD OS 11-11.0
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:11
|
11-11.0 | |
|
Cisco Nexus 2000
Cisco
|
cpe:/h:cisco:nexus:3000
|
— | |
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:12:ltss
|
— | |
|
Cisco Video Surveillance
Cisco
|
cpe:/a:cisco:video_surveillance_ip_gateway_encoder_decoder:-
|
— | |
|
Cisco Nexus 7000
Cisco
|
cpe:/h:cisco:nexus_7000:-
|
— | |
|
Cisco Nexus 5000
Cisco
|
cpe:/h:cisco:nexus_5000:-
|
— | |
|
Cisco TelePresence
Cisco
|
cpe:/h:cisco:telepresence_video_communication_server:-::control
|
— | |
|
HPE Performance Center
HPE
|
cpe:/a:hp:performance_center:-
|
— | |
|
Cisco Emergency Responder
Cisco
|
cpe:/a:cisco:emergency_responder:-
|
— | |
|
Cisco Network Analysis Module
Cisco
|
cpe:/h:cisco:network_analysis_module:-
|
— | |
|
Dell NetWorker <19.10
Dell / NetWorker
|
<19.10 | ||
|
Cisco Secure Access Control Server (ACS)
Cisco
|
cpe:/a:cisco:secure_access_control_server:2.1%284%29:-:windows
|
— | |
|
Xerox FreeFlow Print Server
Xerox
|
cpe:/a:xerox:freeflow_print_server:8
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Cisco Security Manager (CSM)
Cisco
|
cpe:/a:cisco:security_manager:-
|
— | |
|
Debian Linux Jessie (8.0)
Debian
|
cpe:/o:debian:debian_linux:8.0
|
— | |
|
Cisco WebEx Meeting Center
Cisco
|
cpe:/a:cisco:webex_meeting_center:-
|
— | |
|
Blue Coat ProxyAV 3.5
Blue Coat / ProxyAV
|
cpe:/h:bluecoat:proxyav:3.5
|
3.5 | |
|
Cisco Unified Contact Center Express (UCCX)
Cisco
|
cpe:/h:cisco:unified_contact_center_express:-
|
— | |
|
Ubuntu Linux 16.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:16.04_lts
|
16.04 LTS | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux 14.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:14.04:-:lts
|
14.04 LTS | |
|
Cisco Intrusion Prevention System (IPS)
Cisco
|
cpe:/h:cisco:intrusion_prevention_system:-
|
— | |
|
Cisco Unified Communications Domain Manager (CUCDM)
Cisco
|
cpe:/a:cisco:unified_communications_domain_manager:-
|
— | |
|
Cisco Application Networking Manager
Cisco
|
cpe:/a:cisco:application_networking_manager:-
|
— | |
|
Juniper Junos Space <24.1R2
Juniper / Junos Space
|
<24.1R2 | ||
|
Xerox WorkCentre
Xerox
|
cpe:/h:xerox:workcentre:-
|
— | |
|
Cisco Unity Express
Cisco
|
cpe:/h:cisco:unity_express:-
|
— | |
|
F5 FirePass
F5
|
cpe:/a:f5:firepass:-
|
— | |
|
F5 ARX 6.2.0-6.4.0
F5 / ARX
|
cpe:/a:f5:arx:-
|
6.2.0-6.4.0 | |
|
Cisco MDS 9000
Cisco
|
cpe:/o:cisco:mds_9000:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Cisco IOS
Cisco
|
cpe:/o:cisco:ios:10.0
|
— | |
|
Open Source OpenSSL <1.0.1u
Open Source / OpenSSL
|
<1.0.1u | ||
|
Cisco IOS XE
Cisco
|
cpe:/o:cisco:ios_xe:3.1.0s
|
— | |
|
Cisco Advanced Malware Protection
Cisco
|
cpe:/h:cisco:advanced_malware_protection:-
|
— | |
|
Cisco Unity Connection
Cisco
|
cpe:/a:cisco:unity_connection:1.1
|
— | |
|
Xerox Phaser
Xerox
|
cpe:/h:xerox:phaser:-
|
— | |
|
FreeBSD Project FreeBSD OS 10-10.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:10.3
|
10-10.3 | |
|
Cisco Packet Tracer
Cisco
|
cpe:/a:cisco:packet_tracer:5.2
|
— | |
|
Tenable Security Nessus 6.8-6.8.2
Tenable Security / Nessus
|
cpe:/a:tenable:nessus:6.8.2
|
6.8-6.8.2 | |
|
Open Source OpenSSL <1.1.0a
Open Source / OpenSSL
|
<1.1.0a | ||
|
Cisco Nexus 6000
Cisco
|
cpe:/h:cisco:nexus_6000:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
HPE Integrated Lights-Out 4
HPE / Integrated Lights-Out
|
cpe:/h:hp:integrated_lights-out:4.0
|
4 | |
|
Cisco Nexus 9000
Cisco
|
cpe:/h:cisco:nexus_9000:-
|
— | |
|
Cisco Unified Contact Center Enterprise
Cisco
|
cpe:/a:cisco:unified_contact_center_enterprise:-
|
— | |
|
Cisco Unified Communications Manager (CUCM)
Cisco
|
cpe:/a:cisco:unified_communications_manager:-
|
— | |
|
Cisco Wide Area Application Services
Cisco
|
cpe:/a:cisco:wide_area_application_services:-
|
— | |
|
Cisco Nexus 1000V
Cisco
|
cpe:/h:cisco:nexus_1000v:-
|
— | |
|
Open Source OpenSSL <1.0.2i
Open Source / OpenSSL
|
<1.0.2i | ||
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Email Security Appliance
Cisco
|
cpe:/h:cisco:email_security_appliance:-
|
— | |
|
Ubuntu Linux 12.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:12.04:-:lts
|
12.04 LTS | |
|
Cisco Digital Media Manager
Cisco
|
cpe:/a:cisco:digital_media_manager:-
|
— | |
|
F5 WebAccelerator
F5
|
cpe:/h:f5:big-ip_webaccelerator:10.2.4
|
— | |
|
Cisco Unified IP Phone
Cisco
|
cpe:/h:cisco:unified_ip_phones:::9900_series
|
— | |
|
FreeBSD Project FreeBSD OS 9.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.3
|
9.3 | |
|
Cisco ACE
Cisco
|
cpe:/a:cisco:application_control_engine_software:a1%287%29
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Cisco Wireless LAN Controllers
Cisco
|
cpe:/a:cisco:wireless_lan_controllers:-
|
— |
Affected products
Known affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Cisco WebEx Meetings Server
Cisco
|
cpe:/a:cisco:webex_meetings_server:-
|
— | |
|
HPE Loadrunner Software
HPE
|
cpe:/a:hp:loadrunner:-
|
— | |
|
FreeBSD Project FreeBSD OS 9
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.0
|
9 | |
|
Juniper Junos Space
Juniper / Junos Space
|
cpe:/a:juniper:junos_space:-
|
— | |
|
NetApp OnCommand Unified Manager
NetApp
|
cpe:/a:netapp:oncommand_unified_manager:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
Blue Coat Director 6.1
Blue Coat / Director
|
cpe:/a:bluecoat:director:6.1
|
6.1 | |
|
Cisco Unified MeetingPlace (MP)
Cisco
|
cpe:/a:cisco:unified_meetingplace:-
|
— | |
|
Blue Coat ProxySG 6.5
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.5
|
6.5 | |
|
Blue Coat ProxySG 6.6
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.6
|
6.6 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:2.0
|
— | |
|
Cisco Prime Infrastructure
Cisco
|
cpe:/a:cisco:prime_infrastructure:-
|
— | |
|
IBM Rational Build Forge <8.0.0.27
IBM / Rational Build Forge
|
<8.0.0.27 | ||
|
F5 WAN Optimization Manager
F5
|
cpe:/a:f5:big-ip_wan_optimization_manager:-
|
— | |
|
Cisco Small Business 300 Series Managed Switches
Cisco
|
cpe:/h:cisco:small_business_300_series_managed_switches:1.2.7.76
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
HPE SiteScope
HPE
|
cpe:/a:hp:sitescope:-
|
— | |
|
Cisco ONS
Cisco
|
cpe:/h:cisco:ons:15454
|
— | |
|
Cisco WebEx Node for MCS
Cisco
|
cpe:/a:cisco:webex_node_for_mcs:-
|
— | |
|
Cisco Prime Collaboration
Cisco
|
cpe:/a:cisco:prime_collaboration:-
|
— | |
|
Arista EOS
Arista
|
cpe:/o:arista:arista_eos:4.15
|
— | |
|
Cisco Show and Share
Cisco
|
cpe:/a:cisco:show_and_share:-
|
— | |
|
FreeBSD Project FreeBSD OS 11-11.0
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:11
|
11-11.0 | |
|
Cisco Nexus 2000
Cisco
|
cpe:/h:cisco:nexus:3000
|
— | |
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:12:ltss
|
— | |
|
Cisco Video Surveillance
Cisco
|
cpe:/a:cisco:video_surveillance_ip_gateway_encoder_decoder:-
|
— | |
|
Cisco Nexus 7000
Cisco
|
cpe:/h:cisco:nexus_7000:-
|
— | |
|
Cisco Nexus 5000
Cisco
|
cpe:/h:cisco:nexus_5000:-
|
— | |
|
Cisco TelePresence
Cisco
|
cpe:/h:cisco:telepresence_video_communication_server:-::control
|
— | |
|
HPE Performance Center
HPE
|
cpe:/a:hp:performance_center:-
|
— | |
|
Cisco Emergency Responder
Cisco
|
cpe:/a:cisco:emergency_responder:-
|
— | |
|
Cisco Network Analysis Module
Cisco
|
cpe:/h:cisco:network_analysis_module:-
|
— | |
|
Dell NetWorker <19.10
Dell / NetWorker
|
<19.10 | ||
|
Cisco Secure Access Control Server (ACS)
Cisco
|
cpe:/a:cisco:secure_access_control_server:2.1%284%29:-:windows
|
— | |
|
Xerox FreeFlow Print Server
Xerox
|
cpe:/a:xerox:freeflow_print_server:8
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Cisco Security Manager (CSM)
Cisco
|
cpe:/a:cisco:security_manager:-
|
— | |
|
Debian Linux Jessie (8.0)
Debian
|
cpe:/o:debian:debian_linux:8.0
|
— | |
|
Cisco WebEx Meeting Center
Cisco
|
cpe:/a:cisco:webex_meeting_center:-
|
— | |
|
Blue Coat ProxyAV 3.5
Blue Coat / ProxyAV
|
cpe:/h:bluecoat:proxyav:3.5
|
3.5 | |
|
Cisco Unified Contact Center Express (UCCX)
Cisco
|
cpe:/h:cisco:unified_contact_center_express:-
|
— | |
|
Ubuntu Linux 16.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:16.04_lts
|
16.04 LTS | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux 14.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:14.04:-:lts
|
14.04 LTS | |
|
Cisco Intrusion Prevention System (IPS)
Cisco
|
cpe:/h:cisco:intrusion_prevention_system:-
|
— | |
|
Cisco Unified Communications Domain Manager (CUCDM)
Cisco
|
cpe:/a:cisco:unified_communications_domain_manager:-
|
— | |
|
Cisco Application Networking Manager
Cisco
|
cpe:/a:cisco:application_networking_manager:-
|
— | |
|
Juniper Junos Space <24.1R2
Juniper / Junos Space
|
<24.1R2 | ||
|
Xerox WorkCentre
Xerox
|
cpe:/h:xerox:workcentre:-
|
— | |
|
Cisco Unity Express
Cisco
|
cpe:/h:cisco:unity_express:-
|
— | |
|
F5 FirePass
F5
|
cpe:/a:f5:firepass:-
|
— | |
|
F5 ARX 6.2.0-6.4.0
F5 / ARX
|
cpe:/a:f5:arx:-
|
6.2.0-6.4.0 | |
|
Cisco MDS 9000
Cisco
|
cpe:/o:cisco:mds_9000:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Cisco IOS
Cisco
|
cpe:/o:cisco:ios:10.0
|
— | |
|
Open Source OpenSSL <1.0.1u
Open Source / OpenSSL
|
<1.0.1u | ||
|
Cisco IOS XE
Cisco
|
cpe:/o:cisco:ios_xe:3.1.0s
|
— | |
|
Cisco Advanced Malware Protection
Cisco
|
cpe:/h:cisco:advanced_malware_protection:-
|
— | |
|
Cisco Unity Connection
Cisco
|
cpe:/a:cisco:unity_connection:1.1
|
— | |
|
Xerox Phaser
Xerox
|
cpe:/h:xerox:phaser:-
|
— | |
|
FreeBSD Project FreeBSD OS 10-10.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:10.3
|
10-10.3 | |
|
Cisco Packet Tracer
Cisco
|
cpe:/a:cisco:packet_tracer:5.2
|
— | |
|
Tenable Security Nessus 6.8-6.8.2
Tenable Security / Nessus
|
cpe:/a:tenable:nessus:6.8.2
|
6.8-6.8.2 | |
|
Open Source OpenSSL <1.1.0a
Open Source / OpenSSL
|
<1.1.0a | ||
|
Cisco Nexus 6000
Cisco
|
cpe:/h:cisco:nexus_6000:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
HPE Integrated Lights-Out 4
HPE / Integrated Lights-Out
|
cpe:/h:hp:integrated_lights-out:4.0
|
4 | |
|
Cisco Nexus 9000
Cisco
|
cpe:/h:cisco:nexus_9000:-
|
— | |
|
Cisco Unified Contact Center Enterprise
Cisco
|
cpe:/a:cisco:unified_contact_center_enterprise:-
|
— | |
|
Cisco Unified Communications Manager (CUCM)
Cisco
|
cpe:/a:cisco:unified_communications_manager:-
|
— | |
|
Cisco Wide Area Application Services
Cisco
|
cpe:/a:cisco:wide_area_application_services:-
|
— | |
|
Cisco Nexus 1000V
Cisco
|
cpe:/h:cisco:nexus_1000v:-
|
— | |
|
Open Source OpenSSL <1.0.2i
Open Source / OpenSSL
|
<1.0.2i | ||
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Email Security Appliance
Cisco
|
cpe:/h:cisco:email_security_appliance:-
|
— | |
|
Ubuntu Linux 12.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:12.04:-:lts
|
12.04 LTS | |
|
Cisco Digital Media Manager
Cisco
|
cpe:/a:cisco:digital_media_manager:-
|
— | |
|
F5 WebAccelerator
F5
|
cpe:/h:f5:big-ip_webaccelerator:10.2.4
|
— | |
|
Cisco Unified IP Phone
Cisco
|
cpe:/h:cisco:unified_ip_phones:::9900_series
|
— | |
|
FreeBSD Project FreeBSD OS 9.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.3
|
9.3 | |
|
Cisco ACE
Cisco
|
cpe:/a:cisco:application_control_engine_software:a1%287%29
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Cisco Wireless LAN Controllers
Cisco
|
cpe:/a:cisco:wireless_lan_controllers:-
|
— |
Affected products
Known affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Cisco WebEx Meetings Server
Cisco
|
cpe:/a:cisco:webex_meetings_server:-
|
— | |
|
HPE Loadrunner Software
HPE
|
cpe:/a:hp:loadrunner:-
|
— | |
|
FreeBSD Project FreeBSD OS 9
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.0
|
9 | |
|
Juniper Junos Space
Juniper / Junos Space
|
cpe:/a:juniper:junos_space:-
|
— | |
|
NetApp OnCommand Unified Manager
NetApp
|
cpe:/a:netapp:oncommand_unified_manager:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
Blue Coat Director 6.1
Blue Coat / Director
|
cpe:/a:bluecoat:director:6.1
|
6.1 | |
|
Cisco Unified MeetingPlace (MP)
Cisco
|
cpe:/a:cisco:unified_meetingplace:-
|
— | |
|
Blue Coat ProxySG 6.5
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.5
|
6.5 | |
|
Blue Coat ProxySG 6.6
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.6
|
6.6 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:2.0
|
— | |
|
Cisco Prime Infrastructure
Cisco
|
cpe:/a:cisco:prime_infrastructure:-
|
— | |
|
IBM Rational Build Forge <8.0.0.27
IBM / Rational Build Forge
|
<8.0.0.27 | ||
|
F5 WAN Optimization Manager
F5
|
cpe:/a:f5:big-ip_wan_optimization_manager:-
|
— | |
|
Cisco Small Business 300 Series Managed Switches
Cisco
|
cpe:/h:cisco:small_business_300_series_managed_switches:1.2.7.76
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
HPE SiteScope
HPE
|
cpe:/a:hp:sitescope:-
|
— | |
|
Cisco ONS
Cisco
|
cpe:/h:cisco:ons:15454
|
— | |
|
Cisco WebEx Node for MCS
Cisco
|
cpe:/a:cisco:webex_node_for_mcs:-
|
— | |
|
Cisco Prime Collaboration
Cisco
|
cpe:/a:cisco:prime_collaboration:-
|
— | |
|
Arista EOS
Arista
|
cpe:/o:arista:arista_eos:4.15
|
— | |
|
Cisco Show and Share
Cisco
|
cpe:/a:cisco:show_and_share:-
|
— | |
|
FreeBSD Project FreeBSD OS 11-11.0
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:11
|
11-11.0 | |
|
Cisco Nexus 2000
Cisco
|
cpe:/h:cisco:nexus:3000
|
— | |
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:12:ltss
|
— | |
|
Cisco Video Surveillance
Cisco
|
cpe:/a:cisco:video_surveillance_ip_gateway_encoder_decoder:-
|
— | |
|
Cisco Nexus 7000
Cisco
|
cpe:/h:cisco:nexus_7000:-
|
— | |
|
Cisco Nexus 5000
Cisco
|
cpe:/h:cisco:nexus_5000:-
|
— | |
|
Cisco TelePresence
Cisco
|
cpe:/h:cisco:telepresence_video_communication_server:-::control
|
— | |
|
HPE Performance Center
HPE
|
cpe:/a:hp:performance_center:-
|
— | |
|
Cisco Emergency Responder
Cisco
|
cpe:/a:cisco:emergency_responder:-
|
— | |
|
Cisco Network Analysis Module
Cisco
|
cpe:/h:cisco:network_analysis_module:-
|
— | |
|
Dell NetWorker <19.10
Dell / NetWorker
|
<19.10 | ||
|
Cisco Secure Access Control Server (ACS)
Cisco
|
cpe:/a:cisco:secure_access_control_server:2.1%284%29:-:windows
|
— | |
|
Xerox FreeFlow Print Server
Xerox
|
cpe:/a:xerox:freeflow_print_server:8
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Cisco Security Manager (CSM)
Cisco
|
cpe:/a:cisco:security_manager:-
|
— | |
|
Debian Linux Jessie (8.0)
Debian
|
cpe:/o:debian:debian_linux:8.0
|
— | |
|
Cisco WebEx Meeting Center
Cisco
|
cpe:/a:cisco:webex_meeting_center:-
|
— | |
|
Blue Coat ProxyAV 3.5
Blue Coat / ProxyAV
|
cpe:/h:bluecoat:proxyav:3.5
|
3.5 | |
|
Cisco Unified Contact Center Express (UCCX)
Cisco
|
cpe:/h:cisco:unified_contact_center_express:-
|
— | |
|
Ubuntu Linux 16.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:16.04_lts
|
16.04 LTS | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux 14.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:14.04:-:lts
|
14.04 LTS | |
|
Cisco Intrusion Prevention System (IPS)
Cisco
|
cpe:/h:cisco:intrusion_prevention_system:-
|
— | |
|
Cisco Unified Communications Domain Manager (CUCDM)
Cisco
|
cpe:/a:cisco:unified_communications_domain_manager:-
|
— | |
|
Cisco Application Networking Manager
Cisco
|
cpe:/a:cisco:application_networking_manager:-
|
— | |
|
Juniper Junos Space <24.1R2
Juniper / Junos Space
|
<24.1R2 | ||
|
Xerox WorkCentre
Xerox
|
cpe:/h:xerox:workcentre:-
|
— | |
|
Cisco Unity Express
Cisco
|
cpe:/h:cisco:unity_express:-
|
— | |
|
F5 FirePass
F5
|
cpe:/a:f5:firepass:-
|
— | |
|
F5 ARX 6.2.0-6.4.0
F5 / ARX
|
cpe:/a:f5:arx:-
|
6.2.0-6.4.0 | |
|
Cisco MDS 9000
Cisco
|
cpe:/o:cisco:mds_9000:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Cisco IOS
Cisco
|
cpe:/o:cisco:ios:10.0
|
— | |
|
Open Source OpenSSL <1.0.1u
Open Source / OpenSSL
|
<1.0.1u | ||
|
Cisco IOS XE
Cisco
|
cpe:/o:cisco:ios_xe:3.1.0s
|
— | |
|
Cisco Advanced Malware Protection
Cisco
|
cpe:/h:cisco:advanced_malware_protection:-
|
— | |
|
Cisco Unity Connection
Cisco
|
cpe:/a:cisco:unity_connection:1.1
|
— | |
|
Xerox Phaser
Xerox
|
cpe:/h:xerox:phaser:-
|
— | |
|
FreeBSD Project FreeBSD OS 10-10.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:10.3
|
10-10.3 | |
|
Cisco Packet Tracer
Cisco
|
cpe:/a:cisco:packet_tracer:5.2
|
— | |
|
Tenable Security Nessus 6.8-6.8.2
Tenable Security / Nessus
|
cpe:/a:tenable:nessus:6.8.2
|
6.8-6.8.2 | |
|
Open Source OpenSSL <1.1.0a
Open Source / OpenSSL
|
<1.1.0a | ||
|
Cisco Nexus 6000
Cisco
|
cpe:/h:cisco:nexus_6000:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
HPE Integrated Lights-Out 4
HPE / Integrated Lights-Out
|
cpe:/h:hp:integrated_lights-out:4.0
|
4 | |
|
Cisco Nexus 9000
Cisco
|
cpe:/h:cisco:nexus_9000:-
|
— | |
|
Cisco Unified Contact Center Enterprise
Cisco
|
cpe:/a:cisco:unified_contact_center_enterprise:-
|
— | |
|
Cisco Unified Communications Manager (CUCM)
Cisco
|
cpe:/a:cisco:unified_communications_manager:-
|
— | |
|
Cisco Wide Area Application Services
Cisco
|
cpe:/a:cisco:wide_area_application_services:-
|
— | |
|
Cisco Nexus 1000V
Cisco
|
cpe:/h:cisco:nexus_1000v:-
|
— | |
|
Open Source OpenSSL <1.0.2i
Open Source / OpenSSL
|
<1.0.2i | ||
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Email Security Appliance
Cisco
|
cpe:/h:cisco:email_security_appliance:-
|
— | |
|
Ubuntu Linux 12.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:12.04:-:lts
|
12.04 LTS | |
|
Cisco Digital Media Manager
Cisco
|
cpe:/a:cisco:digital_media_manager:-
|
— | |
|
F5 WebAccelerator
F5
|
cpe:/h:f5:big-ip_webaccelerator:10.2.4
|
— | |
|
Cisco Unified IP Phone
Cisco
|
cpe:/h:cisco:unified_ip_phones:::9900_series
|
— | |
|
FreeBSD Project FreeBSD OS 9.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.3
|
9.3 | |
|
Cisco ACE
Cisco
|
cpe:/a:cisco:application_control_engine_software:a1%287%29
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Cisco Wireless LAN Controllers
Cisco
|
cpe:/a:cisco:wireless_lan_controllers:-
|
— |
Affected products
Known affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Cisco WebEx Meetings Server
Cisco
|
cpe:/a:cisco:webex_meetings_server:-
|
— | |
|
HPE Loadrunner Software
HPE
|
cpe:/a:hp:loadrunner:-
|
— | |
|
FreeBSD Project FreeBSD OS 9
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.0
|
9 | |
|
Juniper Junos Space
Juniper / Junos Space
|
cpe:/a:juniper:junos_space:-
|
— | |
|
NetApp OnCommand Unified Manager
NetApp
|
cpe:/a:netapp:oncommand_unified_manager:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
Blue Coat Director 6.1
Blue Coat / Director
|
cpe:/a:bluecoat:director:6.1
|
6.1 | |
|
Cisco Unified MeetingPlace (MP)
Cisco
|
cpe:/a:cisco:unified_meetingplace:-
|
— | |
|
Blue Coat ProxySG 6.5
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.5
|
6.5 | |
|
Blue Coat ProxySG 6.6
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.6
|
6.6 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:2.0
|
— | |
|
Cisco Prime Infrastructure
Cisco
|
cpe:/a:cisco:prime_infrastructure:-
|
— | |
|
IBM Rational Build Forge <8.0.0.27
IBM / Rational Build Forge
|
<8.0.0.27 | ||
|
F5 WAN Optimization Manager
F5
|
cpe:/a:f5:big-ip_wan_optimization_manager:-
|
— | |
|
Cisco Small Business 300 Series Managed Switches
Cisco
|
cpe:/h:cisco:small_business_300_series_managed_switches:1.2.7.76
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
HPE SiteScope
HPE
|
cpe:/a:hp:sitescope:-
|
— | |
|
Cisco ONS
Cisco
|
cpe:/h:cisco:ons:15454
|
— | |
|
Cisco WebEx Node for MCS
Cisco
|
cpe:/a:cisco:webex_node_for_mcs:-
|
— | |
|
Cisco Prime Collaboration
Cisco
|
cpe:/a:cisco:prime_collaboration:-
|
— | |
|
Arista EOS
Arista
|
cpe:/o:arista:arista_eos:4.15
|
— | |
|
Cisco Show and Share
Cisco
|
cpe:/a:cisco:show_and_share:-
|
— | |
|
FreeBSD Project FreeBSD OS 11-11.0
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:11
|
11-11.0 | |
|
Cisco Nexus 2000
Cisco
|
cpe:/h:cisco:nexus:3000
|
— | |
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:12:ltss
|
— | |
|
Cisco Video Surveillance
Cisco
|
cpe:/a:cisco:video_surveillance_ip_gateway_encoder_decoder:-
|
— | |
|
Cisco Nexus 7000
Cisco
|
cpe:/h:cisco:nexus_7000:-
|
— | |
|
Cisco Nexus 5000
Cisco
|
cpe:/h:cisco:nexus_5000:-
|
— | |
|
Cisco TelePresence
Cisco
|
cpe:/h:cisco:telepresence_video_communication_server:-::control
|
— | |
|
HPE Performance Center
HPE
|
cpe:/a:hp:performance_center:-
|
— | |
|
Cisco Emergency Responder
Cisco
|
cpe:/a:cisco:emergency_responder:-
|
— | |
|
Cisco Network Analysis Module
Cisco
|
cpe:/h:cisco:network_analysis_module:-
|
— | |
|
Dell NetWorker <19.10
Dell / NetWorker
|
<19.10 | ||
|
Cisco Secure Access Control Server (ACS)
Cisco
|
cpe:/a:cisco:secure_access_control_server:2.1%284%29:-:windows
|
— | |
|
Xerox FreeFlow Print Server
Xerox
|
cpe:/a:xerox:freeflow_print_server:8
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Cisco Security Manager (CSM)
Cisco
|
cpe:/a:cisco:security_manager:-
|
— | |
|
Debian Linux Jessie (8.0)
Debian
|
cpe:/o:debian:debian_linux:8.0
|
— | |
|
Cisco WebEx Meeting Center
Cisco
|
cpe:/a:cisco:webex_meeting_center:-
|
— | |
|
Blue Coat ProxyAV 3.5
Blue Coat / ProxyAV
|
cpe:/h:bluecoat:proxyav:3.5
|
3.5 | |
|
Cisco Unified Contact Center Express (UCCX)
Cisco
|
cpe:/h:cisco:unified_contact_center_express:-
|
— | |
|
Ubuntu Linux 16.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:16.04_lts
|
16.04 LTS | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux 14.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:14.04:-:lts
|
14.04 LTS | |
|
Cisco Intrusion Prevention System (IPS)
Cisco
|
cpe:/h:cisco:intrusion_prevention_system:-
|
— | |
|
Cisco Unified Communications Domain Manager (CUCDM)
Cisco
|
cpe:/a:cisco:unified_communications_domain_manager:-
|
— | |
|
Cisco Application Networking Manager
Cisco
|
cpe:/a:cisco:application_networking_manager:-
|
— | |
|
Juniper Junos Space <24.1R2
Juniper / Junos Space
|
<24.1R2 | ||
|
Xerox WorkCentre
Xerox
|
cpe:/h:xerox:workcentre:-
|
— | |
|
Cisco Unity Express
Cisco
|
cpe:/h:cisco:unity_express:-
|
— | |
|
F5 FirePass
F5
|
cpe:/a:f5:firepass:-
|
— | |
|
F5 ARX 6.2.0-6.4.0
F5 / ARX
|
cpe:/a:f5:arx:-
|
6.2.0-6.4.0 | |
|
Cisco MDS 9000
Cisco
|
cpe:/o:cisco:mds_9000:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Cisco IOS
Cisco
|
cpe:/o:cisco:ios:10.0
|
— | |
|
Open Source OpenSSL <1.0.1u
Open Source / OpenSSL
|
<1.0.1u | ||
|
Cisco IOS XE
Cisco
|
cpe:/o:cisco:ios_xe:3.1.0s
|
— | |
|
Cisco Advanced Malware Protection
Cisco
|
cpe:/h:cisco:advanced_malware_protection:-
|
— | |
|
Cisco Unity Connection
Cisco
|
cpe:/a:cisco:unity_connection:1.1
|
— | |
|
Xerox Phaser
Xerox
|
cpe:/h:xerox:phaser:-
|
— | |
|
FreeBSD Project FreeBSD OS 10-10.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:10.3
|
10-10.3 | |
|
Cisco Packet Tracer
Cisco
|
cpe:/a:cisco:packet_tracer:5.2
|
— | |
|
Tenable Security Nessus 6.8-6.8.2
Tenable Security / Nessus
|
cpe:/a:tenable:nessus:6.8.2
|
6.8-6.8.2 | |
|
Open Source OpenSSL <1.1.0a
Open Source / OpenSSL
|
<1.1.0a | ||
|
Cisco Nexus 6000
Cisco
|
cpe:/h:cisco:nexus_6000:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
HPE Integrated Lights-Out 4
HPE / Integrated Lights-Out
|
cpe:/h:hp:integrated_lights-out:4.0
|
4 | |
|
Cisco Nexus 9000
Cisco
|
cpe:/h:cisco:nexus_9000:-
|
— | |
|
Cisco Unified Contact Center Enterprise
Cisco
|
cpe:/a:cisco:unified_contact_center_enterprise:-
|
— | |
|
Cisco Unified Communications Manager (CUCM)
Cisco
|
cpe:/a:cisco:unified_communications_manager:-
|
— | |
|
Cisco Wide Area Application Services
Cisco
|
cpe:/a:cisco:wide_area_application_services:-
|
— | |
|
Cisco Nexus 1000V
Cisco
|
cpe:/h:cisco:nexus_1000v:-
|
— | |
|
Open Source OpenSSL <1.0.2i
Open Source / OpenSSL
|
<1.0.2i | ||
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Email Security Appliance
Cisco
|
cpe:/h:cisco:email_security_appliance:-
|
— | |
|
Ubuntu Linux 12.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:12.04:-:lts
|
12.04 LTS | |
|
Cisco Digital Media Manager
Cisco
|
cpe:/a:cisco:digital_media_manager:-
|
— | |
|
F5 WebAccelerator
F5
|
cpe:/h:f5:big-ip_webaccelerator:10.2.4
|
— | |
|
Cisco Unified IP Phone
Cisco
|
cpe:/h:cisco:unified_ip_phones:::9900_series
|
— | |
|
FreeBSD Project FreeBSD OS 9.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.3
|
9.3 | |
|
Cisco ACE
Cisco
|
cpe:/a:cisco:application_control_engine_software:a1%287%29
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Cisco Wireless LAN Controllers
Cisco
|
cpe:/a:cisco:wireless_lan_controllers:-
|
— |
Affected products
Known affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Cisco WebEx Meetings Server
Cisco
|
cpe:/a:cisco:webex_meetings_server:-
|
— | |
|
HPE Loadrunner Software
HPE
|
cpe:/a:hp:loadrunner:-
|
— | |
|
FreeBSD Project FreeBSD OS 9
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.0
|
9 | |
|
Juniper Junos Space
Juniper / Junos Space
|
cpe:/a:juniper:junos_space:-
|
— | |
|
NetApp OnCommand Unified Manager
NetApp
|
cpe:/a:netapp:oncommand_unified_manager:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
Blue Coat Director 6.1
Blue Coat / Director
|
cpe:/a:bluecoat:director:6.1
|
6.1 | |
|
Cisco Unified MeetingPlace (MP)
Cisco
|
cpe:/a:cisco:unified_meetingplace:-
|
— | |
|
Blue Coat ProxySG 6.5
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.5
|
6.5 | |
|
Blue Coat ProxySG 6.6
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.6
|
6.6 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:2.0
|
— | |
|
Cisco Prime Infrastructure
Cisco
|
cpe:/a:cisco:prime_infrastructure:-
|
— | |
|
IBM Rational Build Forge <8.0.0.27
IBM / Rational Build Forge
|
<8.0.0.27 | ||
|
F5 WAN Optimization Manager
F5
|
cpe:/a:f5:big-ip_wan_optimization_manager:-
|
— | |
|
Cisco Small Business 300 Series Managed Switches
Cisco
|
cpe:/h:cisco:small_business_300_series_managed_switches:1.2.7.76
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
HPE SiteScope
HPE
|
cpe:/a:hp:sitescope:-
|
— | |
|
Cisco ONS
Cisco
|
cpe:/h:cisco:ons:15454
|
— | |
|
Cisco WebEx Node for MCS
Cisco
|
cpe:/a:cisco:webex_node_for_mcs:-
|
— | |
|
Cisco Prime Collaboration
Cisco
|
cpe:/a:cisco:prime_collaboration:-
|
— | |
|
Arista EOS
Arista
|
cpe:/o:arista:arista_eos:4.15
|
— | |
|
Cisco Show and Share
Cisco
|
cpe:/a:cisco:show_and_share:-
|
— | |
|
FreeBSD Project FreeBSD OS 11-11.0
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:11
|
11-11.0 | |
|
Cisco Nexus 2000
Cisco
|
cpe:/h:cisco:nexus:3000
|
— | |
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:12:ltss
|
— | |
|
Cisco Video Surveillance
Cisco
|
cpe:/a:cisco:video_surveillance_ip_gateway_encoder_decoder:-
|
— | |
|
Cisco Nexus 7000
Cisco
|
cpe:/h:cisco:nexus_7000:-
|
— | |
|
Cisco Nexus 5000
Cisco
|
cpe:/h:cisco:nexus_5000:-
|
— | |
|
Cisco TelePresence
Cisco
|
cpe:/h:cisco:telepresence_video_communication_server:-::control
|
— | |
|
HPE Performance Center
HPE
|
cpe:/a:hp:performance_center:-
|
— | |
|
Cisco Emergency Responder
Cisco
|
cpe:/a:cisco:emergency_responder:-
|
— | |
|
Cisco Network Analysis Module
Cisco
|
cpe:/h:cisco:network_analysis_module:-
|
— | |
|
Dell NetWorker <19.10
Dell / NetWorker
|
<19.10 | ||
|
Cisco Secure Access Control Server (ACS)
Cisco
|
cpe:/a:cisco:secure_access_control_server:2.1%284%29:-:windows
|
— | |
|
Xerox FreeFlow Print Server
Xerox
|
cpe:/a:xerox:freeflow_print_server:8
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Cisco Security Manager (CSM)
Cisco
|
cpe:/a:cisco:security_manager:-
|
— | |
|
Debian Linux Jessie (8.0)
Debian
|
cpe:/o:debian:debian_linux:8.0
|
— | |
|
Cisco WebEx Meeting Center
Cisco
|
cpe:/a:cisco:webex_meeting_center:-
|
— | |
|
Blue Coat ProxyAV 3.5
Blue Coat / ProxyAV
|
cpe:/h:bluecoat:proxyav:3.5
|
3.5 | |
|
Cisco Unified Contact Center Express (UCCX)
Cisco
|
cpe:/h:cisco:unified_contact_center_express:-
|
— | |
|
Ubuntu Linux 16.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:16.04_lts
|
16.04 LTS | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux 14.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:14.04:-:lts
|
14.04 LTS | |
|
Cisco Intrusion Prevention System (IPS)
Cisco
|
cpe:/h:cisco:intrusion_prevention_system:-
|
— | |
|
Cisco Unified Communications Domain Manager (CUCDM)
Cisco
|
cpe:/a:cisco:unified_communications_domain_manager:-
|
— | |
|
Cisco Application Networking Manager
Cisco
|
cpe:/a:cisco:application_networking_manager:-
|
— | |
|
Juniper Junos Space <24.1R2
Juniper / Junos Space
|
<24.1R2 | ||
|
Xerox WorkCentre
Xerox
|
cpe:/h:xerox:workcentre:-
|
— | |
|
Cisco Unity Express
Cisco
|
cpe:/h:cisco:unity_express:-
|
— | |
|
F5 FirePass
F5
|
cpe:/a:f5:firepass:-
|
— | |
|
F5 ARX 6.2.0-6.4.0
F5 / ARX
|
cpe:/a:f5:arx:-
|
6.2.0-6.4.0 | |
|
Cisco MDS 9000
Cisco
|
cpe:/o:cisco:mds_9000:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Cisco IOS
Cisco
|
cpe:/o:cisco:ios:10.0
|
— | |
|
Open Source OpenSSL <1.0.1u
Open Source / OpenSSL
|
<1.0.1u | ||
|
Cisco IOS XE
Cisco
|
cpe:/o:cisco:ios_xe:3.1.0s
|
— | |
|
Cisco Advanced Malware Protection
Cisco
|
cpe:/h:cisco:advanced_malware_protection:-
|
— | |
|
Cisco Unity Connection
Cisco
|
cpe:/a:cisco:unity_connection:1.1
|
— | |
|
Xerox Phaser
Xerox
|
cpe:/h:xerox:phaser:-
|
— | |
|
FreeBSD Project FreeBSD OS 10-10.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:10.3
|
10-10.3 | |
|
Cisco Packet Tracer
Cisco
|
cpe:/a:cisco:packet_tracer:5.2
|
— | |
|
Tenable Security Nessus 6.8-6.8.2
Tenable Security / Nessus
|
cpe:/a:tenable:nessus:6.8.2
|
6.8-6.8.2 | |
|
Open Source OpenSSL <1.1.0a
Open Source / OpenSSL
|
<1.1.0a | ||
|
Cisco Nexus 6000
Cisco
|
cpe:/h:cisco:nexus_6000:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
HPE Integrated Lights-Out 4
HPE / Integrated Lights-Out
|
cpe:/h:hp:integrated_lights-out:4.0
|
4 | |
|
Cisco Nexus 9000
Cisco
|
cpe:/h:cisco:nexus_9000:-
|
— | |
|
Cisco Unified Contact Center Enterprise
Cisco
|
cpe:/a:cisco:unified_contact_center_enterprise:-
|
— | |
|
Cisco Unified Communications Manager (CUCM)
Cisco
|
cpe:/a:cisco:unified_communications_manager:-
|
— | |
|
Cisco Wide Area Application Services
Cisco
|
cpe:/a:cisco:wide_area_application_services:-
|
— | |
|
Cisco Nexus 1000V
Cisco
|
cpe:/h:cisco:nexus_1000v:-
|
— | |
|
Open Source OpenSSL <1.0.2i
Open Source / OpenSSL
|
<1.0.2i | ||
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Email Security Appliance
Cisco
|
cpe:/h:cisco:email_security_appliance:-
|
— | |
|
Ubuntu Linux 12.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:12.04:-:lts
|
12.04 LTS | |
|
Cisco Digital Media Manager
Cisco
|
cpe:/a:cisco:digital_media_manager:-
|
— | |
|
F5 WebAccelerator
F5
|
cpe:/h:f5:big-ip_webaccelerator:10.2.4
|
— | |
|
Cisco Unified IP Phone
Cisco
|
cpe:/h:cisco:unified_ip_phones:::9900_series
|
— | |
|
FreeBSD Project FreeBSD OS 9.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.3
|
9.3 | |
|
Cisco ACE
Cisco
|
cpe:/a:cisco:application_control_engine_software:a1%287%29
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Cisco Wireless LAN Controllers
Cisco
|
cpe:/a:cisco:wireless_lan_controllers:-
|
— |
Affected products
Known affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Cisco WebEx Meetings Server
Cisco
|
cpe:/a:cisco:webex_meetings_server:-
|
— | |
|
HPE Loadrunner Software
HPE
|
cpe:/a:hp:loadrunner:-
|
— | |
|
FreeBSD Project FreeBSD OS 9
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.0
|
9 | |
|
Juniper Junos Space
Juniper / Junos Space
|
cpe:/a:juniper:junos_space:-
|
— | |
|
NetApp OnCommand Unified Manager
NetApp
|
cpe:/a:netapp:oncommand_unified_manager:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
Blue Coat Director 6.1
Blue Coat / Director
|
cpe:/a:bluecoat:director:6.1
|
6.1 | |
|
Cisco Unified MeetingPlace (MP)
Cisco
|
cpe:/a:cisco:unified_meetingplace:-
|
— | |
|
Blue Coat ProxySG 6.5
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.5
|
6.5 | |
|
Blue Coat ProxySG 6.6
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.6
|
6.6 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:2.0
|
— | |
|
Cisco Prime Infrastructure
Cisco
|
cpe:/a:cisco:prime_infrastructure:-
|
— | |
|
IBM Rational Build Forge <8.0.0.27
IBM / Rational Build Forge
|
<8.0.0.27 | ||
|
F5 WAN Optimization Manager
F5
|
cpe:/a:f5:big-ip_wan_optimization_manager:-
|
— | |
|
Cisco Small Business 300 Series Managed Switches
Cisco
|
cpe:/h:cisco:small_business_300_series_managed_switches:1.2.7.76
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
HPE SiteScope
HPE
|
cpe:/a:hp:sitescope:-
|
— | |
|
Cisco ONS
Cisco
|
cpe:/h:cisco:ons:15454
|
— | |
|
Cisco WebEx Node for MCS
Cisco
|
cpe:/a:cisco:webex_node_for_mcs:-
|
— | |
|
Cisco Prime Collaboration
Cisco
|
cpe:/a:cisco:prime_collaboration:-
|
— | |
|
Arista EOS
Arista
|
cpe:/o:arista:arista_eos:4.15
|
— | |
|
Cisco Show and Share
Cisco
|
cpe:/a:cisco:show_and_share:-
|
— | |
|
FreeBSD Project FreeBSD OS 11-11.0
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:11
|
11-11.0 | |
|
Cisco Nexus 2000
Cisco
|
cpe:/h:cisco:nexus:3000
|
— | |
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:12:ltss
|
— | |
|
Cisco Video Surveillance
Cisco
|
cpe:/a:cisco:video_surveillance_ip_gateway_encoder_decoder:-
|
— | |
|
Cisco Nexus 7000
Cisco
|
cpe:/h:cisco:nexus_7000:-
|
— | |
|
Cisco Nexus 5000
Cisco
|
cpe:/h:cisco:nexus_5000:-
|
— | |
|
Cisco TelePresence
Cisco
|
cpe:/h:cisco:telepresence_video_communication_server:-::control
|
— | |
|
HPE Performance Center
HPE
|
cpe:/a:hp:performance_center:-
|
— | |
|
Cisco Emergency Responder
Cisco
|
cpe:/a:cisco:emergency_responder:-
|
— | |
|
Cisco Network Analysis Module
Cisco
|
cpe:/h:cisco:network_analysis_module:-
|
— | |
|
Dell NetWorker <19.10
Dell / NetWorker
|
<19.10 | ||
|
Cisco Secure Access Control Server (ACS)
Cisco
|
cpe:/a:cisco:secure_access_control_server:2.1%284%29:-:windows
|
— | |
|
Xerox FreeFlow Print Server
Xerox
|
cpe:/a:xerox:freeflow_print_server:8
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Cisco Security Manager (CSM)
Cisco
|
cpe:/a:cisco:security_manager:-
|
— | |
|
Debian Linux Jessie (8.0)
Debian
|
cpe:/o:debian:debian_linux:8.0
|
— | |
|
Cisco WebEx Meeting Center
Cisco
|
cpe:/a:cisco:webex_meeting_center:-
|
— | |
|
Blue Coat ProxyAV 3.5
Blue Coat / ProxyAV
|
cpe:/h:bluecoat:proxyav:3.5
|
3.5 | |
|
Cisco Unified Contact Center Express (UCCX)
Cisco
|
cpe:/h:cisco:unified_contact_center_express:-
|
— | |
|
Ubuntu Linux 16.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:16.04_lts
|
16.04 LTS | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux 14.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:14.04:-:lts
|
14.04 LTS | |
|
Cisco Intrusion Prevention System (IPS)
Cisco
|
cpe:/h:cisco:intrusion_prevention_system:-
|
— | |
|
Cisco Unified Communications Domain Manager (CUCDM)
Cisco
|
cpe:/a:cisco:unified_communications_domain_manager:-
|
— | |
|
Cisco Application Networking Manager
Cisco
|
cpe:/a:cisco:application_networking_manager:-
|
— | |
|
Juniper Junos Space <24.1R2
Juniper / Junos Space
|
<24.1R2 | ||
|
Xerox WorkCentre
Xerox
|
cpe:/h:xerox:workcentre:-
|
— | |
|
Cisco Unity Express
Cisco
|
cpe:/h:cisco:unity_express:-
|
— | |
|
F5 FirePass
F5
|
cpe:/a:f5:firepass:-
|
— | |
|
F5 ARX 6.2.0-6.4.0
F5 / ARX
|
cpe:/a:f5:arx:-
|
6.2.0-6.4.0 | |
|
Cisco MDS 9000
Cisco
|
cpe:/o:cisco:mds_9000:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Cisco IOS
Cisco
|
cpe:/o:cisco:ios:10.0
|
— | |
|
Open Source OpenSSL <1.0.1u
Open Source / OpenSSL
|
<1.0.1u | ||
|
Cisco IOS XE
Cisco
|
cpe:/o:cisco:ios_xe:3.1.0s
|
— | |
|
Cisco Advanced Malware Protection
Cisco
|
cpe:/h:cisco:advanced_malware_protection:-
|
— | |
|
Cisco Unity Connection
Cisco
|
cpe:/a:cisco:unity_connection:1.1
|
— | |
|
Xerox Phaser
Xerox
|
cpe:/h:xerox:phaser:-
|
— | |
|
FreeBSD Project FreeBSD OS 10-10.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:10.3
|
10-10.3 | |
|
Cisco Packet Tracer
Cisco
|
cpe:/a:cisco:packet_tracer:5.2
|
— | |
|
Tenable Security Nessus 6.8-6.8.2
Tenable Security / Nessus
|
cpe:/a:tenable:nessus:6.8.2
|
6.8-6.8.2 | |
|
Open Source OpenSSL <1.1.0a
Open Source / OpenSSL
|
<1.1.0a | ||
|
Cisco Nexus 6000
Cisco
|
cpe:/h:cisco:nexus_6000:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
HPE Integrated Lights-Out 4
HPE / Integrated Lights-Out
|
cpe:/h:hp:integrated_lights-out:4.0
|
4 | |
|
Cisco Nexus 9000
Cisco
|
cpe:/h:cisco:nexus_9000:-
|
— | |
|
Cisco Unified Contact Center Enterprise
Cisco
|
cpe:/a:cisco:unified_contact_center_enterprise:-
|
— | |
|
Cisco Unified Communications Manager (CUCM)
Cisco
|
cpe:/a:cisco:unified_communications_manager:-
|
— | |
|
Cisco Wide Area Application Services
Cisco
|
cpe:/a:cisco:wide_area_application_services:-
|
— | |
|
Cisco Nexus 1000V
Cisco
|
cpe:/h:cisco:nexus_1000v:-
|
— | |
|
Open Source OpenSSL <1.0.2i
Open Source / OpenSSL
|
<1.0.2i | ||
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Email Security Appliance
Cisco
|
cpe:/h:cisco:email_security_appliance:-
|
— | |
|
Ubuntu Linux 12.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:12.04:-:lts
|
12.04 LTS | |
|
Cisco Digital Media Manager
Cisco
|
cpe:/a:cisco:digital_media_manager:-
|
— | |
|
F5 WebAccelerator
F5
|
cpe:/h:f5:big-ip_webaccelerator:10.2.4
|
— | |
|
Cisco Unified IP Phone
Cisco
|
cpe:/h:cisco:unified_ip_phones:::9900_series
|
— | |
|
FreeBSD Project FreeBSD OS 9.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.3
|
9.3 | |
|
Cisco ACE
Cisco
|
cpe:/a:cisco:application_control_engine_software:a1%287%29
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Cisco Wireless LAN Controllers
Cisco
|
cpe:/a:cisco:wireless_lan_controllers:-
|
— |
Affected products
Known affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Cisco WebEx Meetings Server
Cisco
|
cpe:/a:cisco:webex_meetings_server:-
|
— | |
|
HPE Loadrunner Software
HPE
|
cpe:/a:hp:loadrunner:-
|
— | |
|
FreeBSD Project FreeBSD OS 9
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.0
|
9 | |
|
Juniper Junos Space
Juniper / Junos Space
|
cpe:/a:juniper:junos_space:-
|
— | |
|
NetApp OnCommand Unified Manager
NetApp
|
cpe:/a:netapp:oncommand_unified_manager:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
Blue Coat Director 6.1
Blue Coat / Director
|
cpe:/a:bluecoat:director:6.1
|
6.1 | |
|
Cisco Unified MeetingPlace (MP)
Cisco
|
cpe:/a:cisco:unified_meetingplace:-
|
— | |
|
Blue Coat ProxySG 6.5
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.5
|
6.5 | |
|
Blue Coat ProxySG 6.6
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.6
|
6.6 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:2.0
|
— | |
|
Cisco Prime Infrastructure
Cisco
|
cpe:/a:cisco:prime_infrastructure:-
|
— | |
|
IBM Rational Build Forge <8.0.0.27
IBM / Rational Build Forge
|
<8.0.0.27 | ||
|
F5 WAN Optimization Manager
F5
|
cpe:/a:f5:big-ip_wan_optimization_manager:-
|
— | |
|
Cisco Small Business 300 Series Managed Switches
Cisco
|
cpe:/h:cisco:small_business_300_series_managed_switches:1.2.7.76
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
HPE SiteScope
HPE
|
cpe:/a:hp:sitescope:-
|
— | |
|
Cisco ONS
Cisco
|
cpe:/h:cisco:ons:15454
|
— | |
|
Cisco WebEx Node for MCS
Cisco
|
cpe:/a:cisco:webex_node_for_mcs:-
|
— | |
|
Cisco Prime Collaboration
Cisco
|
cpe:/a:cisco:prime_collaboration:-
|
— | |
|
Arista EOS
Arista
|
cpe:/o:arista:arista_eos:4.15
|
— | |
|
Cisco Show and Share
Cisco
|
cpe:/a:cisco:show_and_share:-
|
— | |
|
FreeBSD Project FreeBSD OS 11-11.0
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:11
|
11-11.0 | |
|
Cisco Nexus 2000
Cisco
|
cpe:/h:cisco:nexus:3000
|
— | |
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:12:ltss
|
— | |
|
Cisco Video Surveillance
Cisco
|
cpe:/a:cisco:video_surveillance_ip_gateway_encoder_decoder:-
|
— | |
|
Cisco Nexus 7000
Cisco
|
cpe:/h:cisco:nexus_7000:-
|
— | |
|
Cisco Nexus 5000
Cisco
|
cpe:/h:cisco:nexus_5000:-
|
— | |
|
Cisco TelePresence
Cisco
|
cpe:/h:cisco:telepresence_video_communication_server:-::control
|
— | |
|
HPE Performance Center
HPE
|
cpe:/a:hp:performance_center:-
|
— | |
|
Cisco Emergency Responder
Cisco
|
cpe:/a:cisco:emergency_responder:-
|
— | |
|
Cisco Network Analysis Module
Cisco
|
cpe:/h:cisco:network_analysis_module:-
|
— | |
|
Dell NetWorker <19.10
Dell / NetWorker
|
<19.10 | ||
|
Cisco Secure Access Control Server (ACS)
Cisco
|
cpe:/a:cisco:secure_access_control_server:2.1%284%29:-:windows
|
— | |
|
Xerox FreeFlow Print Server
Xerox
|
cpe:/a:xerox:freeflow_print_server:8
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Cisco Security Manager (CSM)
Cisco
|
cpe:/a:cisco:security_manager:-
|
— | |
|
Debian Linux Jessie (8.0)
Debian
|
cpe:/o:debian:debian_linux:8.0
|
— | |
|
Cisco WebEx Meeting Center
Cisco
|
cpe:/a:cisco:webex_meeting_center:-
|
— | |
|
Blue Coat ProxyAV 3.5
Blue Coat / ProxyAV
|
cpe:/h:bluecoat:proxyav:3.5
|
3.5 | |
|
Cisco Unified Contact Center Express (UCCX)
Cisco
|
cpe:/h:cisco:unified_contact_center_express:-
|
— | |
|
Ubuntu Linux 16.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:16.04_lts
|
16.04 LTS | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux 14.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:14.04:-:lts
|
14.04 LTS | |
|
Cisco Intrusion Prevention System (IPS)
Cisco
|
cpe:/h:cisco:intrusion_prevention_system:-
|
— | |
|
Cisco Unified Communications Domain Manager (CUCDM)
Cisco
|
cpe:/a:cisco:unified_communications_domain_manager:-
|
— | |
|
Cisco Application Networking Manager
Cisco
|
cpe:/a:cisco:application_networking_manager:-
|
— | |
|
Juniper Junos Space <24.1R2
Juniper / Junos Space
|
<24.1R2 | ||
|
Xerox WorkCentre
Xerox
|
cpe:/h:xerox:workcentre:-
|
— | |
|
Cisco Unity Express
Cisco
|
cpe:/h:cisco:unity_express:-
|
— | |
|
F5 FirePass
F5
|
cpe:/a:f5:firepass:-
|
— | |
|
F5 ARX 6.2.0-6.4.0
F5 / ARX
|
cpe:/a:f5:arx:-
|
6.2.0-6.4.0 | |
|
Cisco MDS 9000
Cisco
|
cpe:/o:cisco:mds_9000:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Cisco IOS
Cisco
|
cpe:/o:cisco:ios:10.0
|
— | |
|
Open Source OpenSSL <1.0.1u
Open Source / OpenSSL
|
<1.0.1u | ||
|
Cisco IOS XE
Cisco
|
cpe:/o:cisco:ios_xe:3.1.0s
|
— | |
|
Cisco Advanced Malware Protection
Cisco
|
cpe:/h:cisco:advanced_malware_protection:-
|
— | |
|
Cisco Unity Connection
Cisco
|
cpe:/a:cisco:unity_connection:1.1
|
— | |
|
Xerox Phaser
Xerox
|
cpe:/h:xerox:phaser:-
|
— | |
|
FreeBSD Project FreeBSD OS 10-10.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:10.3
|
10-10.3 | |
|
Cisco Packet Tracer
Cisco
|
cpe:/a:cisco:packet_tracer:5.2
|
— | |
|
Tenable Security Nessus 6.8-6.8.2
Tenable Security / Nessus
|
cpe:/a:tenable:nessus:6.8.2
|
6.8-6.8.2 | |
|
Open Source OpenSSL <1.1.0a
Open Source / OpenSSL
|
<1.1.0a | ||
|
Cisco Nexus 6000
Cisco
|
cpe:/h:cisco:nexus_6000:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
HPE Integrated Lights-Out 4
HPE / Integrated Lights-Out
|
cpe:/h:hp:integrated_lights-out:4.0
|
4 | |
|
Cisco Nexus 9000
Cisco
|
cpe:/h:cisco:nexus_9000:-
|
— | |
|
Cisco Unified Contact Center Enterprise
Cisco
|
cpe:/a:cisco:unified_contact_center_enterprise:-
|
— | |
|
Cisco Unified Communications Manager (CUCM)
Cisco
|
cpe:/a:cisco:unified_communications_manager:-
|
— | |
|
Cisco Wide Area Application Services
Cisco
|
cpe:/a:cisco:wide_area_application_services:-
|
— | |
|
Cisco Nexus 1000V
Cisco
|
cpe:/h:cisco:nexus_1000v:-
|
— | |
|
Open Source OpenSSL <1.0.2i
Open Source / OpenSSL
|
<1.0.2i | ||
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Email Security Appliance
Cisco
|
cpe:/h:cisco:email_security_appliance:-
|
— | |
|
Ubuntu Linux 12.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:12.04:-:lts
|
12.04 LTS | |
|
Cisco Digital Media Manager
Cisco
|
cpe:/a:cisco:digital_media_manager:-
|
— | |
|
F5 WebAccelerator
F5
|
cpe:/h:f5:big-ip_webaccelerator:10.2.4
|
— | |
|
Cisco Unified IP Phone
Cisco
|
cpe:/h:cisco:unified_ip_phones:::9900_series
|
— | |
|
FreeBSD Project FreeBSD OS 9.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.3
|
9.3 | |
|
Cisco ACE
Cisco
|
cpe:/a:cisco:application_control_engine_software:a1%287%29
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Cisco Wireless LAN Controllers
Cisco
|
cpe:/a:cisco:wireless_lan_controllers:-
|
— |
Affected products
Known affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Cisco WebEx Meetings Server
Cisco
|
cpe:/a:cisco:webex_meetings_server:-
|
— | |
|
HPE Loadrunner Software
HPE
|
cpe:/a:hp:loadrunner:-
|
— | |
|
FreeBSD Project FreeBSD OS 9
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.0
|
9 | |
|
Juniper Junos Space
Juniper / Junos Space
|
cpe:/a:juniper:junos_space:-
|
— | |
|
NetApp OnCommand Unified Manager
NetApp
|
cpe:/a:netapp:oncommand_unified_manager:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
Blue Coat Director 6.1
Blue Coat / Director
|
cpe:/a:bluecoat:director:6.1
|
6.1 | |
|
Cisco Unified MeetingPlace (MP)
Cisco
|
cpe:/a:cisco:unified_meetingplace:-
|
— | |
|
Blue Coat ProxySG 6.5
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.5
|
6.5 | |
|
Blue Coat ProxySG 6.6
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.6
|
6.6 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:2.0
|
— | |
|
Cisco Prime Infrastructure
Cisco
|
cpe:/a:cisco:prime_infrastructure:-
|
— | |
|
IBM Rational Build Forge <8.0.0.27
IBM / Rational Build Forge
|
<8.0.0.27 | ||
|
F5 WAN Optimization Manager
F5
|
cpe:/a:f5:big-ip_wan_optimization_manager:-
|
— | |
|
Cisco Small Business 300 Series Managed Switches
Cisco
|
cpe:/h:cisco:small_business_300_series_managed_switches:1.2.7.76
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
HPE SiteScope
HPE
|
cpe:/a:hp:sitescope:-
|
— | |
|
Cisco ONS
Cisco
|
cpe:/h:cisco:ons:15454
|
— | |
|
Cisco WebEx Node for MCS
Cisco
|
cpe:/a:cisco:webex_node_for_mcs:-
|
— | |
|
Cisco Prime Collaboration
Cisco
|
cpe:/a:cisco:prime_collaboration:-
|
— | |
|
Arista EOS
Arista
|
cpe:/o:arista:arista_eos:4.15
|
— | |
|
Cisco Show and Share
Cisco
|
cpe:/a:cisco:show_and_share:-
|
— | |
|
FreeBSD Project FreeBSD OS 11-11.0
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:11
|
11-11.0 | |
|
Cisco Nexus 2000
Cisco
|
cpe:/h:cisco:nexus:3000
|
— | |
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:12:ltss
|
— | |
|
Cisco Video Surveillance
Cisco
|
cpe:/a:cisco:video_surveillance_ip_gateway_encoder_decoder:-
|
— | |
|
Cisco Nexus 7000
Cisco
|
cpe:/h:cisco:nexus_7000:-
|
— | |
|
Cisco Nexus 5000
Cisco
|
cpe:/h:cisco:nexus_5000:-
|
— | |
|
Cisco TelePresence
Cisco
|
cpe:/h:cisco:telepresence_video_communication_server:-::control
|
— | |
|
HPE Performance Center
HPE
|
cpe:/a:hp:performance_center:-
|
— | |
|
Cisco Emergency Responder
Cisco
|
cpe:/a:cisco:emergency_responder:-
|
— | |
|
Cisco Network Analysis Module
Cisco
|
cpe:/h:cisco:network_analysis_module:-
|
— | |
|
Dell NetWorker <19.10
Dell / NetWorker
|
<19.10 | ||
|
Cisco Secure Access Control Server (ACS)
Cisco
|
cpe:/a:cisco:secure_access_control_server:2.1%284%29:-:windows
|
— | |
|
Xerox FreeFlow Print Server
Xerox
|
cpe:/a:xerox:freeflow_print_server:8
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Cisco Security Manager (CSM)
Cisco
|
cpe:/a:cisco:security_manager:-
|
— | |
|
Debian Linux Jessie (8.0)
Debian
|
cpe:/o:debian:debian_linux:8.0
|
— | |
|
Cisco WebEx Meeting Center
Cisco
|
cpe:/a:cisco:webex_meeting_center:-
|
— | |
|
Blue Coat ProxyAV 3.5
Blue Coat / ProxyAV
|
cpe:/h:bluecoat:proxyav:3.5
|
3.5 | |
|
Cisco Unified Contact Center Express (UCCX)
Cisco
|
cpe:/h:cisco:unified_contact_center_express:-
|
— | |
|
Ubuntu Linux 16.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:16.04_lts
|
16.04 LTS | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux 14.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:14.04:-:lts
|
14.04 LTS | |
|
Cisco Intrusion Prevention System (IPS)
Cisco
|
cpe:/h:cisco:intrusion_prevention_system:-
|
— | |
|
Cisco Unified Communications Domain Manager (CUCDM)
Cisco
|
cpe:/a:cisco:unified_communications_domain_manager:-
|
— | |
|
Cisco Application Networking Manager
Cisco
|
cpe:/a:cisco:application_networking_manager:-
|
— | |
|
Juniper Junos Space <24.1R2
Juniper / Junos Space
|
<24.1R2 | ||
|
Xerox WorkCentre
Xerox
|
cpe:/h:xerox:workcentre:-
|
— | |
|
Cisco Unity Express
Cisco
|
cpe:/h:cisco:unity_express:-
|
— | |
|
F5 FirePass
F5
|
cpe:/a:f5:firepass:-
|
— | |
|
F5 ARX 6.2.0-6.4.0
F5 / ARX
|
cpe:/a:f5:arx:-
|
6.2.0-6.4.0 | |
|
Cisco MDS 9000
Cisco
|
cpe:/o:cisco:mds_9000:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Cisco IOS
Cisco
|
cpe:/o:cisco:ios:10.0
|
— | |
|
Open Source OpenSSL <1.0.1u
Open Source / OpenSSL
|
<1.0.1u | ||
|
Cisco IOS XE
Cisco
|
cpe:/o:cisco:ios_xe:3.1.0s
|
— | |
|
Cisco Advanced Malware Protection
Cisco
|
cpe:/h:cisco:advanced_malware_protection:-
|
— | |
|
Cisco Unity Connection
Cisco
|
cpe:/a:cisco:unity_connection:1.1
|
— | |
|
Xerox Phaser
Xerox
|
cpe:/h:xerox:phaser:-
|
— | |
|
FreeBSD Project FreeBSD OS 10-10.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:10.3
|
10-10.3 | |
|
Cisco Packet Tracer
Cisco
|
cpe:/a:cisco:packet_tracer:5.2
|
— | |
|
Tenable Security Nessus 6.8-6.8.2
Tenable Security / Nessus
|
cpe:/a:tenable:nessus:6.8.2
|
6.8-6.8.2 | |
|
Open Source OpenSSL <1.1.0a
Open Source / OpenSSL
|
<1.1.0a | ||
|
Cisco Nexus 6000
Cisco
|
cpe:/h:cisco:nexus_6000:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
HPE Integrated Lights-Out 4
HPE / Integrated Lights-Out
|
cpe:/h:hp:integrated_lights-out:4.0
|
4 | |
|
Cisco Nexus 9000
Cisco
|
cpe:/h:cisco:nexus_9000:-
|
— | |
|
Cisco Unified Contact Center Enterprise
Cisco
|
cpe:/a:cisco:unified_contact_center_enterprise:-
|
— | |
|
Cisco Unified Communications Manager (CUCM)
Cisco
|
cpe:/a:cisco:unified_communications_manager:-
|
— | |
|
Cisco Wide Area Application Services
Cisco
|
cpe:/a:cisco:wide_area_application_services:-
|
— | |
|
Cisco Nexus 1000V
Cisco
|
cpe:/h:cisco:nexus_1000v:-
|
— | |
|
Open Source OpenSSL <1.0.2i
Open Source / OpenSSL
|
<1.0.2i | ||
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Email Security Appliance
Cisco
|
cpe:/h:cisco:email_security_appliance:-
|
— | |
|
Ubuntu Linux 12.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:12.04:-:lts
|
12.04 LTS | |
|
Cisco Digital Media Manager
Cisco
|
cpe:/a:cisco:digital_media_manager:-
|
— | |
|
F5 WebAccelerator
F5
|
cpe:/h:f5:big-ip_webaccelerator:10.2.4
|
— | |
|
Cisco Unified IP Phone
Cisco
|
cpe:/h:cisco:unified_ip_phones:::9900_series
|
— | |
|
FreeBSD Project FreeBSD OS 9.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.3
|
9.3 | |
|
Cisco ACE
Cisco
|
cpe:/a:cisco:application_control_engine_software:a1%287%29
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Cisco Wireless LAN Controllers
Cisco
|
cpe:/a:cisco:wireless_lan_controllers:-
|
— |
Affected products
Known affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Cisco WebEx Meetings Server
Cisco
|
cpe:/a:cisco:webex_meetings_server:-
|
— | |
|
HPE Loadrunner Software
HPE
|
cpe:/a:hp:loadrunner:-
|
— | |
|
FreeBSD Project FreeBSD OS 9
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.0
|
9 | |
|
Juniper Junos Space
Juniper / Junos Space
|
cpe:/a:juniper:junos_space:-
|
— | |
|
NetApp OnCommand Unified Manager
NetApp
|
cpe:/a:netapp:oncommand_unified_manager:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
Blue Coat Director 6.1
Blue Coat / Director
|
cpe:/a:bluecoat:director:6.1
|
6.1 | |
|
Cisco Unified MeetingPlace (MP)
Cisco
|
cpe:/a:cisco:unified_meetingplace:-
|
— | |
|
Blue Coat ProxySG 6.5
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.5
|
6.5 | |
|
Blue Coat ProxySG 6.6
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.6
|
6.6 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:2.0
|
— | |
|
Cisco Prime Infrastructure
Cisco
|
cpe:/a:cisco:prime_infrastructure:-
|
— | |
|
IBM Rational Build Forge <8.0.0.27
IBM / Rational Build Forge
|
<8.0.0.27 | ||
|
F5 WAN Optimization Manager
F5
|
cpe:/a:f5:big-ip_wan_optimization_manager:-
|
— | |
|
Cisco Small Business 300 Series Managed Switches
Cisco
|
cpe:/h:cisco:small_business_300_series_managed_switches:1.2.7.76
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
HPE SiteScope
HPE
|
cpe:/a:hp:sitescope:-
|
— | |
|
Cisco ONS
Cisco
|
cpe:/h:cisco:ons:15454
|
— | |
|
Cisco WebEx Node for MCS
Cisco
|
cpe:/a:cisco:webex_node_for_mcs:-
|
— | |
|
Cisco Prime Collaboration
Cisco
|
cpe:/a:cisco:prime_collaboration:-
|
— | |
|
Arista EOS
Arista
|
cpe:/o:arista:arista_eos:4.15
|
— | |
|
Cisco Show and Share
Cisco
|
cpe:/a:cisco:show_and_share:-
|
— | |
|
FreeBSD Project FreeBSD OS 11-11.0
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:11
|
11-11.0 | |
|
Cisco Nexus 2000
Cisco
|
cpe:/h:cisco:nexus:3000
|
— | |
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:12:ltss
|
— | |
|
Cisco Video Surveillance
Cisco
|
cpe:/a:cisco:video_surveillance_ip_gateway_encoder_decoder:-
|
— | |
|
Cisco Nexus 7000
Cisco
|
cpe:/h:cisco:nexus_7000:-
|
— | |
|
Cisco Nexus 5000
Cisco
|
cpe:/h:cisco:nexus_5000:-
|
— | |
|
Cisco TelePresence
Cisco
|
cpe:/h:cisco:telepresence_video_communication_server:-::control
|
— | |
|
HPE Performance Center
HPE
|
cpe:/a:hp:performance_center:-
|
— | |
|
Cisco Emergency Responder
Cisco
|
cpe:/a:cisco:emergency_responder:-
|
— | |
|
Cisco Network Analysis Module
Cisco
|
cpe:/h:cisco:network_analysis_module:-
|
— | |
|
Dell NetWorker <19.10
Dell / NetWorker
|
<19.10 | ||
|
Cisco Secure Access Control Server (ACS)
Cisco
|
cpe:/a:cisco:secure_access_control_server:2.1%284%29:-:windows
|
— | |
|
Xerox FreeFlow Print Server
Xerox
|
cpe:/a:xerox:freeflow_print_server:8
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Cisco Security Manager (CSM)
Cisco
|
cpe:/a:cisco:security_manager:-
|
— | |
|
Debian Linux Jessie (8.0)
Debian
|
cpe:/o:debian:debian_linux:8.0
|
— | |
|
Cisco WebEx Meeting Center
Cisco
|
cpe:/a:cisco:webex_meeting_center:-
|
— | |
|
Blue Coat ProxyAV 3.5
Blue Coat / ProxyAV
|
cpe:/h:bluecoat:proxyav:3.5
|
3.5 | |
|
Cisco Unified Contact Center Express (UCCX)
Cisco
|
cpe:/h:cisco:unified_contact_center_express:-
|
— | |
|
Ubuntu Linux 16.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:16.04_lts
|
16.04 LTS | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux 14.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:14.04:-:lts
|
14.04 LTS | |
|
Cisco Intrusion Prevention System (IPS)
Cisco
|
cpe:/h:cisco:intrusion_prevention_system:-
|
— | |
|
Cisco Unified Communications Domain Manager (CUCDM)
Cisco
|
cpe:/a:cisco:unified_communications_domain_manager:-
|
— | |
|
Cisco Application Networking Manager
Cisco
|
cpe:/a:cisco:application_networking_manager:-
|
— | |
|
Juniper Junos Space <24.1R2
Juniper / Junos Space
|
<24.1R2 | ||
|
Xerox WorkCentre
Xerox
|
cpe:/h:xerox:workcentre:-
|
— | |
|
Cisco Unity Express
Cisco
|
cpe:/h:cisco:unity_express:-
|
— | |
|
F5 FirePass
F5
|
cpe:/a:f5:firepass:-
|
— | |
|
F5 ARX 6.2.0-6.4.0
F5 / ARX
|
cpe:/a:f5:arx:-
|
6.2.0-6.4.0 | |
|
Cisco MDS 9000
Cisco
|
cpe:/o:cisco:mds_9000:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Cisco IOS
Cisco
|
cpe:/o:cisco:ios:10.0
|
— | |
|
Open Source OpenSSL <1.0.1u
Open Source / OpenSSL
|
<1.0.1u | ||
|
Cisco IOS XE
Cisco
|
cpe:/o:cisco:ios_xe:3.1.0s
|
— | |
|
Cisco Advanced Malware Protection
Cisco
|
cpe:/h:cisco:advanced_malware_protection:-
|
— | |
|
Cisco Unity Connection
Cisco
|
cpe:/a:cisco:unity_connection:1.1
|
— | |
|
Xerox Phaser
Xerox
|
cpe:/h:xerox:phaser:-
|
— | |
|
FreeBSD Project FreeBSD OS 10-10.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:10.3
|
10-10.3 | |
|
Cisco Packet Tracer
Cisco
|
cpe:/a:cisco:packet_tracer:5.2
|
— | |
|
Tenable Security Nessus 6.8-6.8.2
Tenable Security / Nessus
|
cpe:/a:tenable:nessus:6.8.2
|
6.8-6.8.2 | |
|
Open Source OpenSSL <1.1.0a
Open Source / OpenSSL
|
<1.1.0a | ||
|
Cisco Nexus 6000
Cisco
|
cpe:/h:cisco:nexus_6000:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
HPE Integrated Lights-Out 4
HPE / Integrated Lights-Out
|
cpe:/h:hp:integrated_lights-out:4.0
|
4 | |
|
Cisco Nexus 9000
Cisco
|
cpe:/h:cisco:nexus_9000:-
|
— | |
|
Cisco Unified Contact Center Enterprise
Cisco
|
cpe:/a:cisco:unified_contact_center_enterprise:-
|
— | |
|
Cisco Unified Communications Manager (CUCM)
Cisco
|
cpe:/a:cisco:unified_communications_manager:-
|
— | |
|
Cisco Wide Area Application Services
Cisco
|
cpe:/a:cisco:wide_area_application_services:-
|
— | |
|
Cisco Nexus 1000V
Cisco
|
cpe:/h:cisco:nexus_1000v:-
|
— | |
|
Open Source OpenSSL <1.0.2i
Open Source / OpenSSL
|
<1.0.2i | ||
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Email Security Appliance
Cisco
|
cpe:/h:cisco:email_security_appliance:-
|
— | |
|
Ubuntu Linux 12.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:12.04:-:lts
|
12.04 LTS | |
|
Cisco Digital Media Manager
Cisco
|
cpe:/a:cisco:digital_media_manager:-
|
— | |
|
F5 WebAccelerator
F5
|
cpe:/h:f5:big-ip_webaccelerator:10.2.4
|
— | |
|
Cisco Unified IP Phone
Cisco
|
cpe:/h:cisco:unified_ip_phones:::9900_series
|
— | |
|
FreeBSD Project FreeBSD OS 9.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.3
|
9.3 | |
|
Cisco ACE
Cisco
|
cpe:/a:cisco:application_control_engine_software:a1%287%29
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Cisco Wireless LAN Controllers
Cisco
|
cpe:/a:cisco:wireless_lan_controllers:-
|
— |
Affected products
Known affected
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Cisco WebEx Meetings Server
Cisco
|
cpe:/a:cisco:webex_meetings_server:-
|
— | |
|
HPE Loadrunner Software
HPE
|
cpe:/a:hp:loadrunner:-
|
— | |
|
FreeBSD Project FreeBSD OS 9
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.0
|
9 | |
|
Juniper Junos Space
Juniper / Junos Space
|
cpe:/a:juniper:junos_space:-
|
— | |
|
NetApp OnCommand Unified Manager
NetApp
|
cpe:/a:netapp:oncommand_unified_manager:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
Blue Coat Director 6.1
Blue Coat / Director
|
cpe:/a:bluecoat:director:6.1
|
6.1 | |
|
Cisco Unified MeetingPlace (MP)
Cisco
|
cpe:/a:cisco:unified_meetingplace:-
|
— | |
|
Blue Coat ProxySG 6.5
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.5
|
6.5 | |
|
Blue Coat ProxySG 6.6
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.6
|
6.6 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:2.0
|
— | |
|
Cisco Prime Infrastructure
Cisco
|
cpe:/a:cisco:prime_infrastructure:-
|
— | |
|
IBM Rational Build Forge <8.0.0.27
IBM / Rational Build Forge
|
<8.0.0.27 | ||
|
F5 WAN Optimization Manager
F5
|
cpe:/a:f5:big-ip_wan_optimization_manager:-
|
— | |
|
Cisco Small Business 300 Series Managed Switches
Cisco
|
cpe:/h:cisco:small_business_300_series_managed_switches:1.2.7.76
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
HPE SiteScope
HPE
|
cpe:/a:hp:sitescope:-
|
— | |
|
Cisco ONS
Cisco
|
cpe:/h:cisco:ons:15454
|
— | |
|
Cisco WebEx Node for MCS
Cisco
|
cpe:/a:cisco:webex_node_for_mcs:-
|
— | |
|
Cisco Prime Collaboration
Cisco
|
cpe:/a:cisco:prime_collaboration:-
|
— | |
|
Arista EOS
Arista
|
cpe:/o:arista:arista_eos:4.15
|
— | |
|
Cisco Show and Share
Cisco
|
cpe:/a:cisco:show_and_share:-
|
— | |
|
FreeBSD Project FreeBSD OS 11-11.0
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:11
|
11-11.0 | |
|
Cisco Nexus 2000
Cisco
|
cpe:/h:cisco:nexus:3000
|
— | |
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:12:ltss
|
— | |
|
Cisco Video Surveillance
Cisco
|
cpe:/a:cisco:video_surveillance_ip_gateway_encoder_decoder:-
|
— | |
|
Cisco Nexus 7000
Cisco
|
cpe:/h:cisco:nexus_7000:-
|
— | |
|
Cisco Nexus 5000
Cisco
|
cpe:/h:cisco:nexus_5000:-
|
— | |
|
Cisco TelePresence
Cisco
|
cpe:/h:cisco:telepresence_video_communication_server:-::control
|
— | |
|
HPE Performance Center
HPE
|
cpe:/a:hp:performance_center:-
|
— | |
|
Cisco Emergency Responder
Cisco
|
cpe:/a:cisco:emergency_responder:-
|
— | |
|
Cisco Network Analysis Module
Cisco
|
cpe:/h:cisco:network_analysis_module:-
|
— | |
|
Dell NetWorker <19.10
Dell / NetWorker
|
<19.10 | ||
|
Cisco Secure Access Control Server (ACS)
Cisco
|
cpe:/a:cisco:secure_access_control_server:2.1%284%29:-:windows
|
— | |
|
Xerox FreeFlow Print Server
Xerox
|
cpe:/a:xerox:freeflow_print_server:8
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Cisco Security Manager (CSM)
Cisco
|
cpe:/a:cisco:security_manager:-
|
— | |
|
Debian Linux Jessie (8.0)
Debian
|
cpe:/o:debian:debian_linux:8.0
|
— | |
|
Cisco WebEx Meeting Center
Cisco
|
cpe:/a:cisco:webex_meeting_center:-
|
— | |
|
Blue Coat ProxyAV 3.5
Blue Coat / ProxyAV
|
cpe:/h:bluecoat:proxyav:3.5
|
3.5 | |
|
Cisco Unified Contact Center Express (UCCX)
Cisco
|
cpe:/h:cisco:unified_contact_center_express:-
|
— | |
|
Ubuntu Linux 16.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:16.04_lts
|
16.04 LTS | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux 14.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:14.04:-:lts
|
14.04 LTS | |
|
Cisco Intrusion Prevention System (IPS)
Cisco
|
cpe:/h:cisco:intrusion_prevention_system:-
|
— | |
|
Cisco Unified Communications Domain Manager (CUCDM)
Cisco
|
cpe:/a:cisco:unified_communications_domain_manager:-
|
— | |
|
Cisco Application Networking Manager
Cisco
|
cpe:/a:cisco:application_networking_manager:-
|
— | |
|
Juniper Junos Space <24.1R2
Juniper / Junos Space
|
<24.1R2 | ||
|
Xerox WorkCentre
Xerox
|
cpe:/h:xerox:workcentre:-
|
— | |
|
Cisco Unity Express
Cisco
|
cpe:/h:cisco:unity_express:-
|
— | |
|
F5 FirePass
F5
|
cpe:/a:f5:firepass:-
|
— | |
|
F5 ARX 6.2.0-6.4.0
F5 / ARX
|
cpe:/a:f5:arx:-
|
6.2.0-6.4.0 | |
|
Cisco MDS 9000
Cisco
|
cpe:/o:cisco:mds_9000:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Cisco IOS
Cisco
|
cpe:/o:cisco:ios:10.0
|
— | |
|
Open Source OpenSSL <1.0.1u
Open Source / OpenSSL
|
<1.0.1u | ||
|
Cisco IOS XE
Cisco
|
cpe:/o:cisco:ios_xe:3.1.0s
|
— | |
|
Cisco Advanced Malware Protection
Cisco
|
cpe:/h:cisco:advanced_malware_protection:-
|
— | |
|
Cisco Unity Connection
Cisco
|
cpe:/a:cisco:unity_connection:1.1
|
— | |
|
Xerox Phaser
Xerox
|
cpe:/h:xerox:phaser:-
|
— | |
|
FreeBSD Project FreeBSD OS 10-10.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:10.3
|
10-10.3 | |
|
Cisco Packet Tracer
Cisco
|
cpe:/a:cisco:packet_tracer:5.2
|
— | |
|
Tenable Security Nessus 6.8-6.8.2
Tenable Security / Nessus
|
cpe:/a:tenable:nessus:6.8.2
|
6.8-6.8.2 | |
|
Open Source OpenSSL <1.1.0a
Open Source / OpenSSL
|
<1.1.0a | ||
|
Cisco Nexus 6000
Cisco
|
cpe:/h:cisco:nexus_6000:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
HPE Integrated Lights-Out 4
HPE / Integrated Lights-Out
|
cpe:/h:hp:integrated_lights-out:4.0
|
4 | |
|
Cisco Nexus 9000
Cisco
|
cpe:/h:cisco:nexus_9000:-
|
— | |
|
Cisco Unified Contact Center Enterprise
Cisco
|
cpe:/a:cisco:unified_contact_center_enterprise:-
|
— | |
|
Cisco Unified Communications Manager (CUCM)
Cisco
|
cpe:/a:cisco:unified_communications_manager:-
|
— | |
|
Cisco Wide Area Application Services
Cisco
|
cpe:/a:cisco:wide_area_application_services:-
|
— | |
|
Cisco Nexus 1000V
Cisco
|
cpe:/h:cisco:nexus_1000v:-
|
— | |
|
Open Source OpenSSL <1.0.2i
Open Source / OpenSSL
|
<1.0.2i | ||
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Email Security Appliance
Cisco
|
cpe:/h:cisco:email_security_appliance:-
|
— | |
|
Ubuntu Linux 12.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:12.04:-:lts
|
12.04 LTS | |
|
Cisco Digital Media Manager
Cisco
|
cpe:/a:cisco:digital_media_manager:-
|
— | |
|
F5 WebAccelerator
F5
|
cpe:/h:f5:big-ip_webaccelerator:10.2.4
|
— | |
|
Cisco Unified IP Phone
Cisco
|
cpe:/h:cisco:unified_ip_phones:::9900_series
|
— | |
|
FreeBSD Project FreeBSD OS 9.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.3
|
9.3 | |
|
Cisco ACE
Cisco
|
cpe:/a:cisco:application_control_engine_software:a1%287%29
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Cisco Wireless LAN Controllers
Cisco
|
cpe:/a:cisco:wireless_lan_controllers:-
|
— |
Affected products
Known affected
83 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Cisco WebEx Meetings Server
Cisco
|
cpe:/a:cisco:webex_meetings_server:-
|
— | |
|
FreeBSD Project FreeBSD OS 9
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.0
|
9 | |
|
Juniper Junos Space
Juniper / Junos Space
|
cpe:/a:juniper:junos_space:-
|
— | |
|
NetApp OnCommand Unified Manager
NetApp
|
cpe:/a:netapp:oncommand_unified_manager:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
Blue Coat Director 6.1
Blue Coat / Director
|
cpe:/a:bluecoat:director:6.1
|
6.1 | |
|
Cisco Unified MeetingPlace (MP)
Cisco
|
cpe:/a:cisco:unified_meetingplace:-
|
— | |
|
Blue Coat ProxySG 6.5
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.5
|
6.5 | |
|
Blue Coat ProxySG 6.6
Blue Coat / ProxySG
|
cpe:/h:bluecoat:proxysg:6.6
|
6.6 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:2.0
|
— | |
|
Cisco Prime Infrastructure
Cisco
|
cpe:/a:cisco:prime_infrastructure:-
|
— | |
|
IBM Rational Build Forge <8.0.0.27
IBM / Rational Build Forge
|
<8.0.0.27 | ||
|
F5 WAN Optimization Manager
F5
|
cpe:/a:f5:big-ip_wan_optimization_manager:-
|
— | |
|
Cisco Small Business 300 Series Managed Switches
Cisco
|
cpe:/h:cisco:small_business_300_series_managed_switches:1.2.7.76
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
HPE SiteScope
HPE
|
cpe:/a:hp:sitescope:-
|
— | |
|
Cisco ONS
Cisco
|
cpe:/h:cisco:ons:15454
|
— | |
|
Cisco WebEx Node for MCS
Cisco
|
cpe:/a:cisco:webex_node_for_mcs:-
|
— | |
|
Cisco Prime Collaboration
Cisco
|
cpe:/a:cisco:prime_collaboration:-
|
— | |
|
Arista EOS
Arista
|
cpe:/o:arista:arista_eos:4.15
|
— | |
|
Cisco Show and Share
Cisco
|
cpe:/a:cisco:show_and_share:-
|
— | |
|
FreeBSD Project FreeBSD OS 11-11.0
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:11
|
11-11.0 | |
|
Cisco Nexus 2000
Cisco
|
cpe:/h:cisco:nexus:3000
|
— | |
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:12:ltss
|
— | |
|
Cisco Video Surveillance
Cisco
|
cpe:/a:cisco:video_surveillance_ip_gateway_encoder_decoder:-
|
— | |
|
Cisco Nexus 7000
Cisco
|
cpe:/h:cisco:nexus_7000:-
|
— | |
|
Cisco Nexus 5000
Cisco
|
cpe:/h:cisco:nexus_5000:-
|
— | |
|
Cisco TelePresence
Cisco
|
cpe:/h:cisco:telepresence_video_communication_server:-::control
|
— | |
|
Cisco Emergency Responder
Cisco
|
cpe:/a:cisco:emergency_responder:-
|
— | |
|
Cisco Network Analysis Module
Cisco
|
cpe:/h:cisco:network_analysis_module:-
|
— | |
|
Dell NetWorker <19.10
Dell / NetWorker
|
<19.10 | ||
|
Cisco Secure Access Control Server (ACS)
Cisco
|
cpe:/a:cisco:secure_access_control_server:2.1%284%29:-:windows
|
— | |
|
Xerox FreeFlow Print Server
Xerox
|
cpe:/a:xerox:freeflow_print_server:8
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Cisco Security Manager (CSM)
Cisco
|
cpe:/a:cisco:security_manager:-
|
— | |
|
Debian Linux Jessie (8.0)
Debian
|
cpe:/o:debian:debian_linux:8.0
|
— | |
|
Cisco WebEx Meeting Center
Cisco
|
cpe:/a:cisco:webex_meeting_center:-
|
— | |
|
Blue Coat ProxyAV 3.5
Blue Coat / ProxyAV
|
cpe:/h:bluecoat:proxyav:3.5
|
3.5 | |
|
Cisco Unified Contact Center Express (UCCX)
Cisco
|
cpe:/h:cisco:unified_contact_center_express:-
|
— | |
|
Ubuntu Linux 16.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:16.04_lts
|
16.04 LTS | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux 14.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:14.04:-:lts
|
14.04 LTS | |
|
Cisco Intrusion Prevention System (IPS)
Cisco
|
cpe:/h:cisco:intrusion_prevention_system:-
|
— | |
|
Cisco Unified Communications Domain Manager (CUCDM)
Cisco
|
cpe:/a:cisco:unified_communications_domain_manager:-
|
— | |
|
Cisco Application Networking Manager
Cisco
|
cpe:/a:cisco:application_networking_manager:-
|
— | |
|
Juniper Junos Space <24.1R2
Juniper / Junos Space
|
<24.1R2 | ||
|
Cisco Unity Express
Cisco
|
cpe:/h:cisco:unity_express:-
|
— | |
|
F5 FirePass
F5
|
cpe:/a:f5:firepass:-
|
— | |
|
F5 ARX 6.2.0-6.4.0
F5 / ARX
|
cpe:/a:f5:arx:-
|
6.2.0-6.4.0 | |
|
Cisco MDS 9000
Cisco
|
cpe:/o:cisco:mds_9000:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Cisco IOS
Cisco
|
cpe:/o:cisco:ios:10.0
|
— | |
|
Open Source OpenSSL <1.0.1u
Open Source / OpenSSL
|
<1.0.1u | ||
|
Cisco IOS XE
Cisco
|
cpe:/o:cisco:ios_xe:3.1.0s
|
— | |
|
Cisco Advanced Malware Protection
Cisco
|
cpe:/h:cisco:advanced_malware_protection:-
|
— | |
|
Cisco Unity Connection
Cisco
|
cpe:/a:cisco:unity_connection:1.1
|
— | |
|
Xerox Phaser
Xerox
|
cpe:/h:xerox:phaser:-
|
— | |
|
FreeBSD Project FreeBSD OS 10-10.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:10.3
|
10-10.3 | |
|
Cisco Packet Tracer
Cisco
|
cpe:/a:cisco:packet_tracer:5.2
|
— | |
|
Tenable Security Nessus 6.8-6.8.2
Tenable Security / Nessus
|
cpe:/a:tenable:nessus:6.8.2
|
6.8-6.8.2 | |
|
Open Source OpenSSL <1.1.0a
Open Source / OpenSSL
|
<1.1.0a | ||
|
Cisco Nexus 6000
Cisco
|
cpe:/h:cisco:nexus_6000:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
HPE Integrated Lights-Out 4
HPE / Integrated Lights-Out
|
cpe:/h:hp:integrated_lights-out:4.0
|
4 | |
|
Cisco Nexus 9000
Cisco
|
cpe:/h:cisco:nexus_9000:-
|
— | |
|
Cisco Unified Contact Center Enterprise
Cisco
|
cpe:/a:cisco:unified_contact_center_enterprise:-
|
— | |
|
Cisco Unified Communications Manager (CUCM)
Cisco
|
cpe:/a:cisco:unified_communications_manager:-
|
— | |
|
Cisco Wide Area Application Services
Cisco
|
cpe:/a:cisco:wide_area_application_services:-
|
— | |
|
Cisco Nexus 1000V
Cisco
|
cpe:/h:cisco:nexus_1000v:-
|
— | |
|
Open Source OpenSSL <1.0.2i
Open Source / OpenSSL
|
<1.0.2i | ||
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Cisco Email Security Appliance
Cisco
|
cpe:/h:cisco:email_security_appliance:-
|
— | |
|
Ubuntu Linux 12.04 LTS
Ubuntu / Linux
|
cpe:/o:canonical:ubuntu_linux:12.04:-:lts
|
12.04 LTS | |
|
Cisco Digital Media Manager
Cisco
|
cpe:/a:cisco:digital_media_manager:-
|
— | |
|
F5 WebAccelerator
F5
|
cpe:/h:f5:big-ip_webaccelerator:10.2.4
|
— | |
|
Cisco Unified IP Phone
Cisco
|
cpe:/h:cisco:unified_ip_phones:::9900_series
|
— | |
|
FreeBSD Project FreeBSD OS 9.3
FreeBSD Project / FreeBSD OS
|
cpe:/o:freebsd:freebsd:9.3
|
9.3 | |
|
Cisco ACE
Cisco
|
cpe:/a:cisco:application_control_engine_software:a1%287%29
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Cisco Wireless LAN Controllers
Cisco
|
cpe:/a:cisco:wireless_lan_controllers:-
|
— |
References
79 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "OpenSSL ist eine im Quelltext frei verf\u00fcgbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in OpenSSL ausnutzen, um Sicherheitsvorkehrungen zu umgehen, einen Denial of Service Angriff durchzuf\u00fchren oder vertrauliche Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Appliance\n- CISCO Appliance\n- F5 Networks\n- Juniper Appliance\n- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0209 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2016/wid-sec-w-2024-0209.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0209 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0209"
},
{
"category": "external",
"summary": "OpenSSL Security Advisory vom 2016-09-22",
"url": "https://www.openssl.org/news/secadv/20160922.txt"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FREEBSD-SA-16:26.OPENSSL vom 2016-09-23",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3087-2 vom 2016-09-23",
"url": "http://www.ubuntu.com/usn/usn-3087-2/"
},
{
"category": "external",
"summary": "SUSE Security Update Announcement ID SUSE-SU-2016:2387-1",
"url": "https://www.suse.com/de-de/support/update/announcement/2016/suse-su-20162387-1.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2016:1940 vom 2016-09-27",
"url": "https://access.redhat.com/errata/RHSA-2016:1940"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2016:2394-1 vom 2016-09-27",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162394-1.html"
},
{
"category": "external",
"summary": "CISCO Security Advisory CISCO-SA-20160927-OPENSSL vom 2016-09-27",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl?vs_f=Cisco%20Security%20Advisory\u0026vs_cat=Security%20Intelligence\u0026vs_type=RSS\u0026vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20September%202016\u0026vs_k=1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2016:2458-1 vom 2016-10-05",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162458-1.html"
},
{
"category": "external",
"summary": "Arista Security Advisory 0024 vom 2016-10-05",
"url": "http://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24"
},
{
"category": "external",
"summary": "F5 Security Advisory sol13167034 vom 2016-10-05",
"url": "https://support.f5.com/kb/en-us/solutions/public/k/13/sol13167034.html?ref=rss"
},
{
"category": "external",
"summary": "Blue Coat Security Advisory sa13 vom 2016-10-06",
"url": "https://kb.bluecoat.com/security-advisory/sa132"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2016:2468-1 vom 2016-10-07",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162468-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2016:2469-1 vom 2016-10-07",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162469-1.html"
},
{
"category": "external",
"summary": "Juniper Security Bulletin JSA10759 vom 2016-10-14",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"category": "external",
"summary": "Update des CISCO Security Advisory CISCO-SA-20160927-OPENSSL vom 2016-10-19",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl?vs_f=Cisco%20Security%20Advisory\u0026vs_cat=Security%20Intelligence\u0026vs_type=RSS\u0026vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20September%202016\u0026vs_k=1"
},
{
"category": "external",
"summary": "F5 Security Advisory sol90492697 vom 2016-10-24",
"url": "https://support.f5.com/kb/en-us/solutions/public/k/90/sol90492697.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2016:2545-1 vom 2016-10-25",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162545-1.html"
},
{
"category": "external",
"summary": "Tenable Advisory ID TNS-2016-16 vom 2016-10-25",
"url": "http://www.tenable.com/security/tns-2016-16"
},
{
"category": "external",
"summary": "F5 Security Advisory sol59298921 vom 2016-10-30",
"url": "https://support.f5.com/kb/en-us/solutions/public/k/59/sol59298921.html?ref=rss"
},
{
"category": "external",
"summary": "F5 Security Advisory SOL23512141 vom 2016-11-01",
"url": "https://support.f5.com/kb/en-us/solutions/public/k/23/sol23512141.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2016:2470-2 vom 2016-11-01",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162470-2.html"
},
{
"category": "external",
"summary": "HPE SECURITY BULLETIN c05323116 vom 2016-11-01",
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05323116"
},
{
"category": "external",
"summary": "F5 Security Advisory SOL01276005 vom 2016-11-04",
"url": "https://support.f5.com/kb/en-us/solutions/public/k/01/sol01276005.html"
},
{
"category": "external",
"summary": "F5 Security Advisory SOL02652550 vom 2016-11-14",
"url": "https://support.f5.com/kb/en-us/solutions/public/k/02/sol02652550.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2016:2802 vom 2016-11-18",
"url": "https://access.redhat.com/errata/RHSA-2016:2802"
},
{
"category": "external",
"summary": "BLUECOAT Security Advisory SA135 vom 2016-12-01",
"url": "https://bto.bluecoat.com/security-advisory/sa135"
},
{
"category": "external",
"summary": "Xerox Mini Bulletin XRX16AF vom 2016-12-04",
"url": "https://www.xerox.com/download/security/security-bulletin/1cf9a-54159c674d1b0/cert_Security_Mini-_Bulletin_XRX16AF_for_PH3635_v1-0.pdf"
},
{
"category": "external",
"summary": "RedHat Security Advisory RHSA-2016-2957",
"url": "https://rhn.redhat.com/errata/RHSA-2016-2957.html"
},
{
"category": "external",
"summary": "BLUECOAT Security Advisory SA137 vom 2016-12-20",
"url": "https://bto.bluecoat.com/security-advisory/sa137"
},
{
"category": "external",
"summary": "BLUECOAT Security Advisory SA133 vom 2016-12-23",
"url": "https://bto.bluecoat.com/security-advisory/sa133"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA10774 vom 2017-01-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10774"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA10770 vom 2017-01-12",
"url": "http://www.auscert.org.au/render.html?it=42842"
},
{
"category": "external",
"summary": "HP Security Bulletin c05369403",
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05369403"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:0193 vom 2017-01-26",
"url": "https://access.redhat.com/errata/RHSA-2017:0193"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:0194 vom 2017-01-26",
"url": "https://access.redhat.com/errata/RHSA-2017:0194"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3181-1 vom 2017-01-31",
"url": "http://www.ubuntu.com/usn/usn-3181-1/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:0460-1 vom 2017-02-14",
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:0462 vom 2017-03-08",
"url": "https://access.redhat.com/errata/RHSA-2017:0462"
},
{
"category": "external",
"summary": "Xerox Security Bulletin XRX17-006 vom 2017-03-08",
"url": "https://www.xerox.com/download/security/security-bulletin/2efe6-54a395387fa39/cert_XRX17-006_FFPSv8_UpdateManager_Mar2017.pdf"
},
{
"category": "external",
"summary": "Xerox Security Bulletin XRX17-005 vom 2017-03-08",
"url": "https://www.xerox.com/download/security/security-bulletin/312e6-54a3954424112/cert_XRX17-005_FFPSv7_v9_UpdateManager_Mar2017.pdf"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:0719-1 vom 2017-03-17",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170719-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:0716-1 vom 2017-03-17",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170716-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:0726-1 vom 2017-03-17",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170726-1.html"
},
{
"category": "external",
"summary": "Fortinet Security Advisory FG-IR-16-048 vom 2017-04-06",
"url": "http://fortiguard.com/psirt/FG-IR-16-048"
},
{
"category": "external",
"summary": "NetApp Advisory Number NTAP-20160928-0001 vom 2017-04-06",
"url": "https://kb.netapp.com/support/s/article/ka51A00000007QeQAI/NTAP-20160928-0001?language=en_US"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:1414 vom 2017-06-07",
"url": "https://access.redhat.com/errata/RHSA-2017:1414"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:1413 vom 2017-06-07",
"url": "https://access.redhat.com/errata/RHSA-2017:1413"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:1415 vom 2017-06-08",
"url": "https://rhn.redhat.com/errata/RHSA-2017-1415.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:1658 vom 2017-06-29",
"url": "https://access.redhat.com/errata/RHSA-2017:1658"
},
{
"category": "external",
"summary": "HPE SECURITY BULLETIN hpesbgn03765en_us vom 2017-08-31",
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03765en_us"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:2710 vom 2017-09-13",
"url": "https://access.redhat.com/errata/RHSA-2017:2710"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:2709 vom 2017-09-13",
"url": "https://access.redhat.com/errata/RHSA-2017:2709"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:2708 vom 2017-09-13",
"url": "https://access.redhat.com/errata/RHSA-2017:2708"
},
{
"category": "external",
"summary": "Xerox Mini Bulletin XRX17AD vom 2017-09-28",
"url": "https://security.business.xerox.com/wp-content/uploads/2017/09/cert_Security_Mini-_Bulletin_XRX17AD_for_PH3635_v1.0.pdf"
},
{
"category": "external",
"summary": "Xerox Mini Bulletin XRX17AE vom 2017-09-28",
"url": "https://security.business.xerox.com/wp-content/uploads/2017/09/cert_Security_Mini-_Bulletin_XRX17AE_for_WC3325_v1.0.pdf"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:3114 vom 2017-11-02",
"url": "https://access.redhat.com/errata/RHSA-2017:3114"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:3113 vom 2017-11-02",
"url": "https://access.redhat.com/errata/RHSA-2017:3113"
},
{
"category": "external",
"summary": "F5 Security Advisory K53084033 vom 2017-11-06",
"url": "https://support.f5.com/csp/article/K53084033"
},
{
"category": "external",
"summary": "McAfee Security Bulletin:SB10215",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10215"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20160915-0001 vom 2018-01-30",
"url": "https://security.netapp.com/advisory/ntap-20160915-0001/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2123 vom 2018-07-03",
"url": "http://rhn.redhat.com/errata/RHSA-2018-2123.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2185 vom 2018-07-13",
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2018:2123 vom 2018-07-13",
"url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2018-2123-Moderate-CentOS-7-python-Security-Update-tp4645172.html"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20170119-0001 vom 2019-02-07",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4581 vom 2019-03-13",
"url": "http://linux.oracle.com/errata/ELSA-2019-4581.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1245 vom 2019-05-20",
"url": "https://access.redhat.com/errata/RHSA-2019:1245"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4747 vom 2019-08-16",
"url": "http://linux.oracle.com/errata/ELSA-2019-4747.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:2859 vom 2019-09-27",
"url": "https://access.redhat.com/errata/RHSA-2019:2859"
},
{
"category": "external",
"summary": "EMC Security Advisory 542344 vom 2020-03-31",
"url": "https://www.dell.com/support/security/de-de/details/542344/DSA-2020-072-Dell-EMC-VNX2-Family-Security-Update-for-Multiple-Third-Party-Component-Vulnerabilit"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-9150 vom 2021-04-01",
"url": "https://linux.oracle.com/errata/ELSA-2021-9150.html"
},
{
"category": "external",
"summary": "F5 Security Advisory K90492697 vom 2021-05-18",
"url": "https://support.f5.com/csp/article/K90492697"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9272 vom 2022-04-08",
"url": "https://linux.oracle.com/errata/ELSA-2022-9272.html"
},
{
"category": "external",
"summary": "Dell Knowledge Base Article",
"url": "https://www.dell.com/support/kbdoc/en-us/000221474/dsa-2024-059-security-update-for-dell-networker-multiple-components-vulnerabilities"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7173018 vom 2024-10-14",
"url": "https://www.ibm.com/support/pages/node/7173018"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA92874 vom 2024-01-09",
"url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R2-release"
},
{
"category": "external",
"summary": "Juniper Security Bulletin",
"url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R2-release?language=en_US"
},
{
"category": "external",
"summary": "F5 Security Advisory K02652550 vom 2025-10-31",
"url": "https://my.f5.com/manage/s/article/K02652550"
}
],
"source_lang": "en-US",
"title": "OpenSSL: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-11-02T23:00:00.000+00:00",
"generator": {
"date": "2025-11-03T10:33:34.142+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2024-0209",
"initial_release_date": "2016-09-22T22:00:00.000+00:00",
"revision_history": [
{
"date": "2016-09-22T22:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2016-09-22T22:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-09-25T22:00:00.000+00:00",
"number": "3",
"summary": "New remediations available"
},
{
"date": "2016-09-25T22:00:00.000+00:00",
"number": "4",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-09-26T22:00:00.000+00:00",
"number": "5",
"summary": "New remediations available"
},
{
"date": "2016-09-26T22:00:00.000+00:00",
"number": "6",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-09-27T22:00:00.000+00:00",
"number": "7",
"summary": "New remediations available"
},
{
"date": "2016-09-27T22:00:00.000+00:00",
"number": "8",
"summary": "New remediations available"
},
{
"date": "2016-10-05T22:00:00.000+00:00",
"number": "9",
"summary": "New remediations available"
},
{
"date": "2016-10-05T22:00:00.000+00:00",
"number": "10",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-10-05T22:00:00.000+00:00",
"number": "11",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-10-05T22:00:00.000+00:00",
"number": "12",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-10-05T22:00:00.000+00:00",
"number": "13",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-10-05T22:00:00.000+00:00",
"number": "14",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-10-05T22:00:00.000+00:00",
"number": "15",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-10-05T22:00:00.000+00:00",
"number": "16",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-10-06T22:00:00.000+00:00",
"number": "17",
"summary": "New remediations available"
},
{
"date": "2016-10-06T22:00:00.000+00:00",
"number": "18",
"summary": "New remediations available"
},
{
"date": "2016-10-06T22:00:00.000+00:00",
"number": "19",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-10-16T22:00:00.000+00:00",
"number": "20",
"summary": "New remediations available"
},
{
"date": "2016-10-16T22:00:00.000+00:00",
"number": "21",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-10-16T22:00:00.000+00:00",
"number": "22",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-10-16T22:00:00.000+00:00",
"number": "23",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-10-16T22:00:00.000+00:00",
"number": "24",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-10-16T22:00:00.000+00:00",
"number": "25",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-10-16T22:00:00.000+00:00",
"number": "26",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-10-24T22:00:00.000+00:00",
"number": "27",
"summary": "New remediations available"
},
{
"date": "2016-10-25T22:00:00.000+00:00",
"number": "28",
"summary": "New remediations available"
},
{
"date": "2016-10-25T22:00:00.000+00:00",
"number": "29",
"summary": "New remediations available"
},
{
"date": "2016-10-25T22:00:00.000+00:00",
"number": "30",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-10-25T22:00:00.000+00:00",
"number": "31",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-10-31T23:00:00.000+00:00",
"number": "32",
"summary": "New remediations available"
},
{
"date": "2016-11-01T23:00:00.000+00:00",
"number": "33",
"summary": "New remediations available"
},
{
"date": "2016-11-01T23:00:00.000+00:00",
"number": "34",
"summary": "New remediations available"
},
{
"date": "2016-11-01T23:00:00.000+00:00",
"number": "35",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-11-01T23:00:00.000+00:00",
"number": "36",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-11-06T23:00:00.000+00:00",
"number": "37",
"summary": "New remediations available"
},
{
"date": "2016-11-06T23:00:00.000+00:00",
"number": "38",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-11-14T23:00:00.000+00:00",
"number": "39",
"summary": "New remediations available"
},
{
"date": "2016-11-17T23:00:00.000+00:00",
"number": "40",
"summary": "New remediations available"
},
{
"date": "2016-11-17T23:00:00.000+00:00",
"number": "41",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-11-17T23:00:00.000+00:00",
"number": "42",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-11-30T23:00:00.000+00:00",
"number": "43",
"summary": "New remediations available"
},
{
"date": "2016-11-30T23:00:00.000+00:00",
"number": "44",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-11-30T23:00:00.000+00:00",
"number": "45",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-12-18T23:00:00.000+00:00",
"number": "46",
"summary": "New remediations available"
},
{
"date": "2016-12-20T23:00:00.000+00:00",
"number": "47",
"summary": "New remediations available"
},
{
"date": "2016-12-22T23:00:00.000+00:00",
"number": "48",
"summary": "New remediations available"
},
{
"date": "2017-01-11T23:00:00.000+00:00",
"number": "49",
"summary": "New remediations available"
},
{
"date": "2017-01-12T23:00:00.000+00:00",
"number": "50",
"summary": "New remediations available"
},
{
"date": "2017-01-12T23:00:00.000+00:00",
"number": "51",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-01-25T23:00:00.000+00:00",
"number": "52",
"summary": "New remediations available"
},
{
"date": "2017-01-31T23:00:00.000+00:00",
"number": "53",
"summary": "New remediations available"
},
{
"date": "2017-02-14T23:00:00.000+00:00",
"number": "54",
"summary": "New remediations available"
},
{
"date": "2017-03-08T23:00:00.000+00:00",
"number": "55",
"summary": "New remediations available"
},
{
"date": "2017-03-08T23:00:00.000+00:00",
"number": "56",
"summary": "New remediations available"
},
{
"date": "2017-03-08T23:00:00.000+00:00",
"number": "57",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-03-08T23:00:00.000+00:00",
"number": "58",
"summary": "New remediations available"
},
{
"date": "2017-03-19T23:00:00.000+00:00",
"number": "59",
"summary": "New remediations available"
},
{
"date": "2017-03-19T23:00:00.000+00:00",
"number": "60",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-03-19T23:00:00.000+00:00",
"number": "61",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-06-07T22:00:00.000+00:00",
"number": "62",
"summary": "New remediations available"
},
{
"date": "2017-06-07T22:00:00.000+00:00",
"number": "63",
"summary": "New remediations available"
},
{
"date": "2017-06-28T22:00:00.000+00:00",
"number": "64",
"summary": "New remediations available"
},
{
"date": "2017-07-05T22:00:00.000+00:00",
"number": "65",
"summary": "Added references"
},
{
"date": "2017-08-31T22:00:00.000+00:00",
"number": "66",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-09-13T22:00:00.000+00:00",
"number": "67",
"summary": "New remediations available"
},
{
"date": "2017-09-13T22:00:00.000+00:00",
"number": "68",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-11-02T23:00:00.000+00:00",
"number": "69",
"summary": "New remediations available"
},
{
"date": "2017-11-05T23:00:00.000+00:00",
"number": "70",
"summary": "New remediations available"
},
{
"date": "2017-12-07T23:00:00.000+00:00",
"number": "71",
"summary": "New remediations available"
},
{
"date": "2018-01-30T23:00:00.000+00:00",
"number": "72",
"summary": "New remediations available"
},
{
"date": "2018-07-03T22:00:00.000+00:00",
"number": "73",
"summary": "New remediations available"
},
{
"date": "2018-07-12T22:00:00.000+00:00",
"number": "74",
"summary": "New remediations available"
},
{
"date": "2018-07-15T22:00:00.000+00:00",
"number": "75",
"summary": "New remediations available"
},
{
"date": "2018-11-05T23:00:00.000+00:00",
"number": "76",
"summary": "Added references"
},
{
"date": "2019-02-07T23:00:00.000+00:00",
"number": "77",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2019-03-13T23:00:00.000+00:00",
"number": "78",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-05-20T22:00:00.000+00:00",
"number": "79",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-08-18T22:00:00.000+00:00",
"number": "80",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-09-26T22:00:00.000+00:00",
"number": "81",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-03-30T22:00:00.000+00:00",
"number": "82",
"summary": "Neue Updates von EMC aufgenommen"
},
{
"date": "2021-03-31T22:00:00.000+00:00",
"number": "83",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2021-05-17T22:00:00.000+00:00",
"number": "84",
"summary": "Neue Updates von F5 aufgenommen"
},
{
"date": "2022-04-10T22:00:00.000+00:00",
"number": "85",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-01-25T23:00:00.000+00:00",
"number": "86",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-10-13T22:00:00.000+00:00",
"number": "87",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-01-08T23:00:00.000+00:00",
"number": "88",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2025-04-10T22:00:00.000+00:00",
"number": "89",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-11-02T23:00:00.000+00:00",
"number": "90",
"summary": "Neue Updates von F5 aufgenommen"
}
],
"status": "final",
"version": "90"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Arista EOS",
"product": {
"name": "Arista EOS",
"product_id": "T006486",
"product_identification_helper": {
"cpe": "cpe:/o:arista:arista_eos:4.15"
}
}
}
],
"category": "vendor",
"name": "Arista"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "6.1",
"product": {
"name": "Blue Coat Director 6.1",
"product_id": "T006616",
"product_identification_helper": {
"cpe": "cpe:/a:bluecoat:director:6.1"
}
}
}
],
"category": "product_name",
"name": "Director"
},
{
"branches": [
{
"category": "product_version",
"name": "3.5",
"product": {
"name": "Blue Coat ProxyAV 3.5",
"product_id": "T003290",
"product_identification_helper": {
"cpe": "cpe:/h:bluecoat:proxyav:3.5"
}
}
}
],
"category": "product_name",
"name": "ProxyAV"
},
{
"branches": [
{
"category": "product_version",
"name": "6.6",
"product": {
"name": "Blue Coat ProxySG 6.6",
"product_id": "T006617",
"product_identification_helper": {
"cpe": "cpe:/h:bluecoat:proxysg:6.6"
}
}
},
{
"category": "product_version",
"name": "6.5",
"product": {
"name": "Blue Coat ProxySG 6.5",
"product_id": "T006618",
"product_identification_helper": {
"cpe": "cpe:/h:bluecoat:proxysg:6.5"
}
}
}
],
"category": "product_name",
"name": "ProxySG"
}
],
"category": "vendor",
"name": "Blue Coat"
},
{
"branches": [
{
"category": "product_name",
"name": "Cisco ACE",
"product": {
"name": "Cisco ACE",
"product_id": "171387",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:application_control_engine_software:a1%287%29"
}
}
},
{
"category": "product_name",
"name": "Cisco Advanced Malware Protection",
"product": {
"name": "Cisco Advanced Malware Protection",
"product_id": "T007044",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:advanced_malware_protection:-"
}
}
},
{
"category": "product_name",
"name": "Cisco AnyConnect Secure Mobility Solution",
"product": {
"name": "Cisco AnyConnect Secure Mobility Solution",
"product_id": "148715",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:anyconnect_secure_mobility_client:2.0"
}
}
},
{
"category": "product_name",
"name": "Cisco Application Networking Manager",
"product": {
"name": "Cisco Application Networking Manager",
"product_id": "T000614",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:application_networking_manager:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Digital Media Manager",
"product": {
"name": "Cisco Digital Media Manager",
"product_id": "201470",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:digital_media_manager:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Email Security Appliance",
"product": {
"name": "Cisco Email Security Appliance",
"product_id": "196900",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:email_security_appliance:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Emergency Responder",
"product": {
"name": "Cisco Emergency Responder",
"product_id": "2040",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:emergency_responder:-"
}
}
},
{
"category": "product_name",
"name": "Cisco IOS",
"product": {
"name": "Cisco IOS",
"product_id": "18557",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:ios:10.0"
}
}
},
{
"category": "product_name",
"name": "Cisco IOS XE",
"product": {
"name": "Cisco IOS XE",
"product_id": "153141",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:ios_xe:3.1.0s"
}
}
},
{
"category": "product_name",
"name": "Cisco IP Phone",
"product": {
"name": "Cisco IP Phone",
"product_id": "2070",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:ip_phone:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Intrusion Prevention System (IPS)",
"product": {
"name": "Cisco Intrusion Prevention System (IPS)",
"product_id": "2056",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:intrusion_prevention_system:-"
}
}
},
{
"category": "product_name",
"name": "Cisco MDS 9000",
"product": {
"name": "Cisco MDS 9000",
"product_id": "T001069",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:mds_9000:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Network Analysis Module",
"product": {
"name": "Cisco Network Analysis Module",
"product_id": "2084",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:network_analysis_module:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Nexus 2000",
"product": {
"name": "Cisco Nexus 2000",
"product_id": "T003851",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus:3000"
}
}
},
{
"category": "product_name",
"name": "Cisco Nexus 1000V",
"product": {
"name": "Cisco Nexus 1000V",
"product_id": "160893",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus_1000v:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Nexus 5000",
"product": {
"name": "Cisco Nexus 5000",
"product_id": "110496",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus_5000:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Nexus 6000",
"product": {
"name": "Cisco Nexus 6000",
"product_id": "T004721",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus_6000:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Nexus 7000",
"product": {
"name": "Cisco Nexus 7000",
"product_id": "110495",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus_7000:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Nexus 9000",
"product": {
"name": "Cisco Nexus 9000",
"product_id": "T004723",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus_9000:-"
}
}
},
{
"category": "product_name",
"name": "Cisco ONS",
"product": {
"name": "Cisco ONS",
"product_id": "T002252",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:ons:15454"
}
}
},
{
"category": "product_name",
"name": "Cisco Packet Tracer",
"product": {
"name": "Cisco Packet Tracer",
"product_id": "131351",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:packet_tracer:5.2"
}
}
},
{
"category": "product_name",
"name": "Cisco Prime Collaboration",
"product": {
"name": "Cisco Prime Collaboration",
"product_id": "190829",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:prime_collaboration:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Prime Infrastructure",
"product": {
"name": "Cisco Prime Infrastructure",
"product_id": "T000756",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:prime_infrastructure:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Secure Access Control Server (ACS)",
"product": {
"name": "Cisco Secure Access Control Server (ACS)",
"product_id": "138491",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:secure_access_control_server:2.1%284%29:-:windows"
}
}
},
{
"category": "product_name",
"name": "Cisco Security Manager (CSM)",
"product": {
"name": "Cisco Security Manager (CSM)",
"product_id": "95918",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:security_manager:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Show and Share",
"product": {
"name": "Cisco Show and Share",
"product_id": "T003254",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:show_and_share:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Small Business 300 Series Managed Switches",
"product": {
"name": "Cisco Small Business 300 Series Managed Switches",
"product_id": "T000752",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:small_business_300_series_managed_switches:1.2.7.76"
}
}
},
{
"category": "product_name",
"name": "Cisco TelePresence",
"product": {
"name": "Cisco TelePresence",
"product_id": "161441",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:telepresence_video_communication_server:-::control"
}
}
},
{
"category": "product_name",
"name": "Cisco Unified Communications Domain Manager (CUCDM)",
"product": {
"name": "Cisco Unified Communications Domain Manager (CUCDM)",
"product_id": "189046",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:unified_communications_domain_manager:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Unified Communications Manager (CUCM)",
"product": {
"name": "Cisco Unified Communications Manager (CUCM)",
"product_id": "2142",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:unified_communications_manager:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Unified Contact Center Enterprise",
"product": {
"name": "Cisco Unified Contact Center Enterprise",
"product_id": "2143",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:unified_contact_center_enterprise:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Unified Contact Center Express (UCCX)",
"product": {
"name": "Cisco Unified Contact Center Express (UCCX)",
"product_id": "T003053",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:unified_contact_center_express:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Unified IP Phone",
"product": {
"name": "Cisco Unified IP Phone",
"product_id": "T001530",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:unified_ip_phones:::9900_series"
}
}
},
{
"category": "product_name",
"name": "Cisco Unified MeetingPlace (MP)",
"product": {
"name": "Cisco Unified MeetingPlace (MP)",
"product_id": "2153",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:unified_meetingplace:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Unity Connection",
"product": {
"name": "Cisco Unity Connection",
"product_id": "161504",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:unity_connection:1.1"
}
}
},
{
"category": "product_name",
"name": "Cisco Unity Express",
"product": {
"name": "Cisco Unity Express",
"product_id": "2002",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:unity_express:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Video Surveillance",
"product": {
"name": "Cisco Video Surveillance",
"product_id": "64489",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:video_surveillance_ip_gateway_encoder_decoder:-"
}
}
},
{
"category": "product_name",
"name": "Cisco WebEx Meeting Center",
"product": {
"name": "Cisco WebEx Meeting Center",
"product_id": "T002323",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:webex_meeting_center:-"
}
}
},
{
"category": "product_name",
"name": "Cisco WebEx Meetings Server",
"product": {
"name": "Cisco WebEx Meetings Server",
"product_id": "T001160",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:webex_meetings_server:-"
}
}
},
{
"category": "product_name",
"name": "Cisco WebEx Node for MCS",
"product": {
"name": "Cisco WebEx Node for MCS",
"product_id": "T001162",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:webex_node_for_mcs:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Wide Area Application Services",
"product": {
"name": "Cisco Wide Area Application Services",
"product_id": "2186",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:wide_area_application_services:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Wireless LAN Controllers",
"product": {
"name": "Cisco Wireless LAN Controllers",
"product_id": "1889",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:wireless_lan_controllers:-"
}
}
}
],
"category": "vendor",
"name": "Cisco"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux Jessie (8.0)",
"product": {
"name": "Debian Linux Jessie (8.0)",
"product_id": "310725",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:8.0"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c19.10",
"product": {
"name": "Dell NetWorker \u003c19.10",
"product_id": "T032354"
}
},
{
"category": "product_version",
"name": "19.1",
"product": {
"name": "Dell NetWorker 19.10",
"product_id": "T032354-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.10"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "6.2.0-6.4.0",
"product": {
"name": "F5 ARX 6.2.0-6.4.0",
"product_id": "T001664",
"product_identification_helper": {
"cpe": "cpe:/a:f5:arx:-"
}
}
}
],
"category": "product_name",
"name": "ARX"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
},
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T038870",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "product_name",
"name": "BIG-IP"
},
{
"category": "product_name",
"name": "F5 FirePass",
"product": {
"name": "F5 FirePass",
"product_id": "T001665",
"product_identification_helper": {
"cpe": "cpe:/a:f5:firepass:-"
}
}
},
{
"category": "product_name",
"name": "F5 WAN Optimization Manager",
"product": {
"name": "F5 WAN Optimization Manager",
"product_id": "T001721",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip_wan_optimization_manager:-"
}
}
},
{
"category": "product_name",
"name": "F5 WebAccelerator",
"product": {
"name": "F5 WebAccelerator",
"product_id": "T001411",
"product_identification_helper": {
"cpe": "cpe:/h:f5:big-ip_webaccelerator:10.2.4"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "Fortinet FortiOS",
"product": {
"name": "Fortinet FortiOS",
"product_id": "T009615",
"product_identification_helper": {
"cpe": "cpe:/o:fortinet:fortios:-"
}
}
}
],
"category": "vendor",
"name": "Fortinet"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9",
"product": {
"name": "FreeBSD Project FreeBSD OS 9",
"product_id": "157037",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:9.0"
}
}
},
{
"category": "product_version",
"name": "9.3",
"product": {
"name": "FreeBSD Project FreeBSD OS 9.3",
"product_id": "T003390",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:9.3"
}
}
},
{
"category": "product_version",
"name": "10-10.3",
"product": {
"name": "FreeBSD Project FreeBSD OS 10-10.3",
"product_id": "T007633",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:10.3"
}
}
},
{
"category": "product_version",
"name": "11-11.0",
"product": {
"name": "FreeBSD Project FreeBSD OS 11-11.0",
"product_id": "T008147",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:11"
}
}
}
],
"category": "product_name",
"name": "FreeBSD OS"
}
],
"category": "vendor",
"name": "FreeBSD Project"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "4",
"product": {
"name": "HPE Integrated Lights-Out 4",
"product_id": "205828",
"product_identification_helper": {
"cpe": "cpe:/h:hp:integrated_lights-out:4.0"
}
}
}
],
"category": "product_name",
"name": "Integrated Lights-Out"
},
{
"category": "product_name",
"name": "HPE Loadrunner Software",
"product": {
"name": "HPE Loadrunner Software",
"product_id": "72612",
"product_identification_helper": {
"cpe": "cpe:/a:hp:loadrunner:-"
}
}
},
{
"category": "product_name",
"name": "HPE Performance Center",
"product": {
"name": "HPE Performance Center",
"product_id": "T010661",
"product_identification_helper": {
"cpe": "cpe:/a:hp:performance_center:-"
}
}
},
{
"category": "product_name",
"name": "HPE SiteScope",
"product": {
"name": "HPE SiteScope",
"product_id": "T008871",
"product_identification_helper": {
"cpe": "cpe:/a:hp:sitescope:-"
}
}
}
],
"category": "vendor",
"name": "HPE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.0.0.27",
"product": {
"name": "IBM Rational Build Forge \u003c8.0.0.27",
"product_id": "T038286"
}
},
{
"category": "product_version",
"name": "8.0.0.27",
"product": {
"name": "IBM Rational Build Forge 8.0.0.27",
"product_id": "T038286-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_build_forge:8.0.0.27"
}
}
}
],
"category": "product_name",
"name": "Rational Build Forge"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Juniper JUNOS",
"product": {
"name": "Juniper JUNOS",
"product_id": "5930",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Juniper Junos Space",
"product": {
"name": "Juniper Junos Space",
"product_id": "T003343",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c24.1R2",
"product": {
"name": "Juniper Junos Space \u003c24.1R2",
"product_id": "T040074"
}
},
{
"category": "product_version",
"name": "24.1R2",
"product": {
"name": "Juniper Junos Space 24.1R2",
"product_id": "T040074-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:24.1r2"
}
}
}
],
"category": "product_name",
"name": "Junos Space"
},
{
"category": "product_name",
"name": "Juniper ScreenOS",
"product": {
"name": "Juniper ScreenOS",
"product_id": "T008638",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:screenos:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp OnCommand Unified Manager",
"product": {
"name": "NetApp OnCommand Unified Manager",
"product_id": "T009408",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:oncommand_unified_manager:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.1.0a",
"product": {
"name": "Open Source OpenSSL \u003c1.1.0a",
"product_id": "T008528"
}
},
{
"category": "product_version",
"name": "1.1.0a",
"product": {
"name": "Open Source OpenSSL 1.1.0a",
"product_id": "T008528-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:1.1.0a"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.0.2i",
"product": {
"name": "Open Source OpenSSL \u003c1.0.2i",
"product_id": "T008529"
}
},
{
"category": "product_version",
"name": "1.0.2i",
"product": {
"name": "Open Source OpenSSL 1.0.2i",
"product_id": "T008529-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:1.0.2i"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.0.1u",
"product": {
"name": "Open Source OpenSSL \u003c1.0.1u",
"product_id": "T008530"
}
},
{
"category": "product_version",
"name": "1.0.1u",
"product": {
"name": "Open Source OpenSSL 1.0.1u",
"product_id": "T008530-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:1.0.1u"
}
}
}
],
"category": "product_name",
"name": "OpenSSL"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server",
"product": {
"name": "SUSE Linux Enterprise Server",
"product_id": "T008429",
"product_identification_helper": {
"cpe": "cpe:/o:suse:linux_enterprise_server:12:ltss"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "6.8-6.8.2",
"product": {
"name": "Tenable Security Nessus 6.8-6.8.2",
"product_id": "T008769",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus:6.8.2"
}
}
}
],
"category": "product_name",
"name": "Nessus"
}
],
"category": "vendor",
"name": "Tenable Security"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "12.04 LTS",
"product": {
"name": "Ubuntu Linux 12.04 LTS",
"product_id": "170497",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"
}
}
},
{
"category": "product_version",
"name": "14.04 LTS",
"product": {
"name": "Ubuntu Linux 14.04 LTS",
"product_id": "T003005",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:14.04:-:lts"
}
}
},
{
"category": "product_version",
"name": "16.04 LTS",
"product": {
"name": "Ubuntu Linux 16.04 LTS",
"product_id": "T007521",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:16.04_lts"
}
}
}
],
"category": "product_name",
"name": "Linux"
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"category": "product_name",
"name": "Xerox FreeFlow Print Server",
"product": {
"name": "Xerox FreeFlow Print Server",
"product_id": "T000700",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:8"
}
}
},
{
"category": "product_name",
"name": "Xerox Phaser",
"product": {
"name": "Xerox Phaser",
"product_id": "T004484",
"product_identification_helper": {
"cpe": "cpe:/h:xerox:phaser:-"
}
}
},
{
"category": "product_name",
"name": "Xerox WorkCentre",
"product": {
"name": "Xerox WorkCentre",
"product_id": "T000855",
"product_identification_helper": {
"cpe": "cpe:/h:xerox:workcentre:-"
}
}
}
],
"category": "vendor",
"name": "Xerox"
},
{
"branches": [
{
"category": "product_name",
"name": "Cisco Aironet Access Point",
"product": {
"name": "Cisco Aironet Access Point",
"product_id": "177610",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:aironet_3500:-"
}
}
}
],
"category": "vendor",
"name": "cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-2183",
"product_status": {
"known_affected": [
"2070",
"T001160",
"72612",
"157037",
"T003343",
"T009408",
"T008638",
"T006616",
"2153",
"T006618",
"T006617",
"T004914",
"148715",
"T000756",
"T038286",
"T001721",
"T000752",
"5930",
"T008871",
"T002252",
"T001162",
"190829",
"T006486",
"T003254",
"T008147",
"T003851",
"T008429",
"64489",
"110495",
"110496",
"161441",
"T010661",
"2040",
"2084",
"T032354",
"138491",
"T000700",
"T002207",
"95918",
"310725",
"T002323",
"T003290",
"T003053",
"T007521",
"67646",
"T003005",
"2056",
"189046",
"T000614",
"T040074",
"2002",
"T001665",
"T001664",
"T001069",
"T001663",
"177610",
"18557",
"T008530",
"153141",
"T007044",
"161504",
"T004484",
"T007633",
"131351",
"T008769",
"T008528",
"T004721",
"T009615",
"205828",
"T004723",
"2143",
"2142",
"2186",
"160893",
"T008529",
"T038870",
"196900",
"170497",
"201470",
"T001411",
"T001530",
"T003390",
"171387",
"1727",
"1889"
]
},
"release_date": "2016-09-22T22:00:00.000+00:00",
"title": "CVE-2016-2183"
},
{
"cve": "CVE-2016-2177",
"product_status": {
"known_affected": [
"2070",
"T001160",
"72612",
"157037",
"T003343",
"T009408",
"T008638",
"T006616",
"2153",
"T006618",
"T006617",
"T004914",
"148715",
"T000756",
"T038286",
"T001721",
"T000752",
"5930",
"T008871",
"T002252",
"T001162",
"190829",
"T006486",
"T003254",
"T008147",
"T003851",
"T008429",
"64489",
"110495",
"110496",
"161441",
"T010661",
"2040",
"2084",
"T032354",
"138491",
"T000700",
"T002207",
"95918",
"310725",
"T002323",
"T003290",
"T003053",
"T007521",
"67646",
"T003005",
"2056",
"189046",
"T000614",
"T040074",
"T000855",
"2002",
"T001665",
"T001664",
"T001069",
"T001663",
"177610",
"18557",
"T008530",
"153141",
"T007044",
"161504",
"T004484",
"T007633",
"131351",
"T008769",
"T008528",
"T004721",
"T009615",
"205828",
"T004723",
"2143",
"2142",
"2186",
"160893",
"T008529",
"T038870",
"196900",
"170497",
"201470",
"T001411",
"T001530",
"T003390",
"171387",
"1727",
"1889"
]
},
"release_date": "2016-09-22T22:00:00.000+00:00",
"title": "CVE-2016-2177"
},
{
"cve": "CVE-2016-2179",
"product_status": {
"known_affected": [
"2070",
"T001160",
"72612",
"157037",
"T003343",
"T009408",
"T008638",
"T006616",
"2153",
"T006618",
"T006617",
"T004914",
"148715",
"T000756",
"T038286",
"T001721",
"T000752",
"5930",
"T008871",
"T002252",
"T001162",
"190829",
"T006486",
"T003254",
"T008147",
"T003851",
"T008429",
"64489",
"110495",
"110496",
"161441",
"T010661",
"2040",
"2084",
"T032354",
"138491",
"T000700",
"T002207",
"95918",
"310725",
"T002323",
"T003290",
"T003053",
"T007521",
"67646",
"T003005",
"2056",
"189046",
"T000614",
"T040074",
"T000855",
"2002",
"T001665",
"T001664",
"T001069",
"T001663",
"177610",
"18557",
"T008530",
"153141",
"T007044",
"161504",
"T004484",
"T007633",
"131351",
"T008769",
"T008528",
"T004721",
"T009615",
"205828",
"T004723",
"2143",
"2142",
"2186",
"160893",
"T008529",
"T038870",
"196900",
"170497",
"201470",
"T001411",
"T001530",
"T003390",
"171387",
"1727",
"1889"
]
},
"release_date": "2016-09-22T22:00:00.000+00:00",
"title": "CVE-2016-2179"
},
{
"cve": "CVE-2016-2180",
"product_status": {
"known_affected": [
"2070",
"T001160",
"72612",
"157037",
"T003343",
"T009408",
"T008638",
"T006616",
"2153",
"T006618",
"T006617",
"T004914",
"148715",
"T000756",
"T038286",
"T001721",
"T000752",
"5930",
"T008871",
"T002252",
"T001162",
"190829",
"T006486",
"T003254",
"T008147",
"T003851",
"T008429",
"64489",
"110495",
"110496",
"161441",
"T010661",
"2040",
"2084",
"T032354",
"138491",
"T000700",
"T002207",
"95918",
"310725",
"T002323",
"T003290",
"T003053",
"T007521",
"67646",
"T003005",
"2056",
"189046",
"T000614",
"T040074",
"T000855",
"2002",
"T001665",
"T001664",
"T001069",
"T001663",
"177610",
"18557",
"T008530",
"153141",
"T007044",
"161504",
"T004484",
"T007633",
"131351",
"T008769",
"T008528",
"T004721",
"T009615",
"205828",
"T004723",
"2143",
"2142",
"2186",
"160893",
"T008529",
"T038870",
"196900",
"170497",
"201470",
"T001411",
"T001530",
"T003390",
"171387",
"1727",
"1889"
]
},
"release_date": "2016-09-22T22:00:00.000+00:00",
"title": "CVE-2016-2180"
},
{
"cve": "CVE-2016-2181",
"product_status": {
"known_affected": [
"2070",
"T001160",
"72612",
"157037",
"T003343",
"T009408",
"T008638",
"T006616",
"2153",
"T006618",
"T006617",
"T004914",
"148715",
"T000756",
"T038286",
"T001721",
"T000752",
"5930",
"T008871",
"T002252",
"T001162",
"190829",
"T006486",
"T003254",
"T008147",
"T003851",
"T008429",
"64489",
"110495",
"110496",
"161441",
"T010661",
"2040",
"2084",
"T032354",
"138491",
"T000700",
"T002207",
"95918",
"310725",
"T002323",
"T003290",
"T003053",
"T007521",
"67646",
"T003005",
"2056",
"189046",
"T000614",
"T040074",
"T000855",
"2002",
"T001665",
"T001664",
"T001069",
"T001663",
"177610",
"18557",
"T008530",
"153141",
"T007044",
"161504",
"T004484",
"T007633",
"131351",
"T008769",
"T008528",
"T004721",
"T009615",
"205828",
"T004723",
"2143",
"2142",
"2186",
"160893",
"T008529",
"T038870",
"196900",
"170497",
"201470",
"T001411",
"T001530",
"T003390",
"171387",
"1727",
"1889"
]
},
"release_date": "2016-09-22T22:00:00.000+00:00",
"title": "CVE-2016-2181"
},
{
"cve": "CVE-2016-2182",
"product_status": {
"known_affected": [
"2070",
"T001160",
"72612",
"157037",
"T003343",
"T009408",
"T008638",
"T006616",
"2153",
"T006618",
"T006617",
"T004914",
"148715",
"T000756",
"T038286",
"T001721",
"T000752",
"5930",
"T008871",
"T002252",
"T001162",
"190829",
"T006486",
"T003254",
"T008147",
"T003851",
"T008429",
"64489",
"110495",
"110496",
"161441",
"T010661",
"2040",
"2084",
"T032354",
"138491",
"T000700",
"T002207",
"95918",
"310725",
"T002323",
"T003290",
"T003053",
"T007521",
"67646",
"T003005",
"2056",
"189046",
"T000614",
"T040074",
"T000855",
"2002",
"T001665",
"T001664",
"T001069",
"T001663",
"177610",
"18557",
"T008530",
"153141",
"T007044",
"161504",
"T004484",
"T007633",
"131351",
"T008769",
"T008528",
"T004721",
"T009615",
"205828",
"T004723",
"2143",
"2142",
"2186",
"160893",
"T008529",
"T038870",
"196900",
"170497",
"201470",
"T001411",
"T001530",
"T003390",
"171387",
"1727",
"1889"
]
},
"release_date": "2016-09-22T22:00:00.000+00:00",
"title": "CVE-2016-2182"
},
{
"cve": "CVE-2016-6302",
"product_status": {
"known_affected": [
"2070",
"T001160",
"72612",
"157037",
"T003343",
"T009408",
"T008638",
"T006616",
"2153",
"T006618",
"T006617",
"T004914",
"148715",
"T000756",
"T038286",
"T001721",
"T000752",
"5930",
"T008871",
"T002252",
"T001162",
"190829",
"T006486",
"T003254",
"T008147",
"T003851",
"T008429",
"64489",
"110495",
"110496",
"161441",
"T010661",
"2040",
"2084",
"T032354",
"138491",
"T000700",
"T002207",
"95918",
"310725",
"T002323",
"T003290",
"T003053",
"T007521",
"67646",
"T003005",
"2056",
"189046",
"T000614",
"T040074",
"T000855",
"2002",
"T001665",
"T001664",
"T001069",
"T001663",
"177610",
"18557",
"T008530",
"153141",
"T007044",
"161504",
"T004484",
"T007633",
"131351",
"T008769",
"T008528",
"T004721",
"T009615",
"205828",
"T004723",
"2143",
"2142",
"2186",
"160893",
"T008529",
"T038870",
"196900",
"170497",
"201470",
"T001411",
"T001530",
"T003390",
"171387",
"1727",
"1889"
]
},
"release_date": "2016-09-22T22:00:00.000+00:00",
"title": "CVE-2016-6302"
},
{
"cve": "CVE-2016-6303",
"product_status": {
"known_affected": [
"2070",
"T001160",
"72612",
"157037",
"T003343",
"T009408",
"T008638",
"T006616",
"2153",
"T006618",
"T006617",
"T004914",
"148715",
"T000756",
"T038286",
"T001721",
"T000752",
"5930",
"T008871",
"T002252",
"T001162",
"190829",
"T006486",
"T003254",
"T008147",
"T003851",
"T008429",
"64489",
"110495",
"110496",
"161441",
"T010661",
"2040",
"2084",
"T032354",
"138491",
"T000700",
"T002207",
"95918",
"310725",
"T002323",
"T003290",
"T003053",
"T007521",
"67646",
"T003005",
"2056",
"189046",
"T000614",
"T040074",
"T000855",
"2002",
"T001665",
"T001664",
"T001069",
"T001663",
"177610",
"18557",
"T008530",
"153141",
"T007044",
"161504",
"T004484",
"T007633",
"131351",
"T008769",
"T008528",
"T004721",
"T009615",
"205828",
"T004723",
"2143",
"2142",
"2186",
"160893",
"T008529",
"T038870",
"196900",
"170497",
"201470",
"T001411",
"T001530",
"T003390",
"171387",
"1727",
"1889"
]
},
"release_date": "2016-09-22T22:00:00.000+00:00",
"title": "CVE-2016-6303"
},
{
"cve": "CVE-2016-6304",
"product_status": {
"known_affected": [
"2070",
"T001160",
"72612",
"157037",
"T003343",
"T009408",
"T008638",
"T006616",
"2153",
"T006618",
"T006617",
"T004914",
"148715",
"T000756",
"T038286",
"T001721",
"T000752",
"5930",
"T008871",
"T002252",
"T001162",
"190829",
"T006486",
"T003254",
"T008147",
"T003851",
"T008429",
"64489",
"110495",
"110496",
"161441",
"T010661",
"2040",
"2084",
"T032354",
"138491",
"T000700",
"T002207",
"95918",
"310725",
"T002323",
"T003290",
"T003053",
"T007521",
"67646",
"T003005",
"2056",
"189046",
"T000614",
"T040074",
"T000855",
"2002",
"T001665",
"T001664",
"T001069",
"T001663",
"177610",
"18557",
"T008530",
"153141",
"T007044",
"161504",
"T004484",
"T007633",
"131351",
"T008769",
"T008528",
"T004721",
"T009615",
"205828",
"T004723",
"2143",
"2142",
"2186",
"160893",
"T008529",
"T038870",
"196900",
"170497",
"201470",
"T001411",
"T001530",
"T003390",
"171387",
"1727",
"1889"
]
},
"release_date": "2016-09-22T22:00:00.000+00:00",
"title": "CVE-2016-6304"
},
{
"cve": "CVE-2016-6305",
"product_status": {
"known_affected": [
"2070",
"T001160",
"72612",
"157037",
"T003343",
"T009408",
"T008638",
"T006616",
"2153",
"T006618",
"T006617",
"T004914",
"148715",
"T000756",
"T038286",
"T001721",
"T000752",
"5930",
"T008871",
"T002252",
"T001162",
"190829",
"T006486",
"T003254",
"T008147",
"T003851",
"T008429",
"64489",
"110495",
"110496",
"161441",
"T010661",
"2040",
"2084",
"T032354",
"138491",
"T000700",
"T002207",
"95918",
"310725",
"T002323",
"T003290",
"T003053",
"T007521",
"67646",
"T003005",
"2056",
"189046",
"T000614",
"T040074",
"T000855",
"2002",
"T001665",
"T001664",
"T001069",
"T001663",
"177610",
"18557",
"T008530",
"153141",
"T007044",
"161504",
"T004484",
"T007633",
"131351",
"T008769",
"T008528",
"T004721",
"T009615",
"205828",
"T004723",
"2143",
"2142",
"2186",
"160893",
"T008529",
"T038870",
"196900",
"170497",
"201470",
"T001411",
"T001530",
"T003390",
"171387",
"1727",
"1889"
]
},
"release_date": "2016-09-22T22:00:00.000+00:00",
"title": "CVE-2016-6305"
},
{
"cve": "CVE-2016-6306",
"product_status": {
"known_affected": [
"2070",
"T001160",
"72612",
"157037",
"T003343",
"T009408",
"T008638",
"T006616",
"2153",
"T006618",
"T006617",
"T004914",
"148715",
"T000756",
"T038286",
"T001721",
"T000752",
"5930",
"T008871",
"T002252",
"T001162",
"190829",
"T006486",
"T003254",
"T008147",
"T003851",
"T008429",
"64489",
"110495",
"110496",
"161441",
"T010661",
"2040",
"2084",
"T032354",
"138491",
"T000700",
"T002207",
"95918",
"310725",
"T002323",
"T003290",
"T003053",
"T007521",
"67646",
"T003005",
"2056",
"189046",
"T000614",
"T040074",
"T000855",
"2002",
"T001665",
"T001664",
"T001069",
"T001663",
"177610",
"18557",
"T008530",
"153141",
"T007044",
"161504",
"T004484",
"T007633",
"131351",
"T008769",
"T008528",
"T004721",
"T009615",
"205828",
"T004723",
"2143",
"2142",
"2186",
"160893",
"T008529",
"T038870",
"196900",
"170497",
"201470",
"T001411",
"T001530",
"T003390",
"171387",
"1727",
"1889"
]
},
"release_date": "2016-09-22T22:00:00.000+00:00",
"title": "CVE-2016-6306"
},
{
"cve": "CVE-2016-6307",
"product_status": {
"known_affected": [
"2070",
"T001160",
"72612",
"157037",
"T003343",
"T009408",
"T008638",
"T006616",
"2153",
"T006618",
"T006617",
"T004914",
"148715",
"T000756",
"T038286",
"T001721",
"T000752",
"5930",
"T008871",
"T002252",
"T001162",
"190829",
"T006486",
"T003254",
"T008147",
"T003851",
"T008429",
"64489",
"110495",
"110496",
"161441",
"T010661",
"2040",
"2084",
"T032354",
"138491",
"T000700",
"T002207",
"95918",
"310725",
"T002323",
"T003290",
"T003053",
"T007521",
"67646",
"T003005",
"2056",
"189046",
"T000614",
"T040074",
"T000855",
"2002",
"T001665",
"T001664",
"T001069",
"T001663",
"177610",
"18557",
"T008530",
"153141",
"T007044",
"161504",
"T004484",
"T007633",
"131351",
"T008769",
"T008528",
"T004721",
"T009615",
"205828",
"T004723",
"2143",
"2142",
"2186",
"160893",
"T008529",
"T038870",
"196900",
"170497",
"201470",
"T001411",
"T001530",
"T003390",
"171387",
"1727",
"1889"
]
},
"release_date": "2016-09-22T22:00:00.000+00:00",
"title": "CVE-2016-6307"
},
{
"cve": "CVE-2016-6308",
"product_status": {
"known_affected": [
"2070",
"T001160",
"72612",
"157037",
"T003343",
"T009408",
"T008638",
"T006616",
"2153",
"T006618",
"T006617",
"T004914",
"148715",
"T000756",
"T038286",
"T001721",
"T000752",
"5930",
"T008871",
"T002252",
"T001162",
"190829",
"T006486",
"T003254",
"T008147",
"T003851",
"T008429",
"64489",
"110495",
"110496",
"161441",
"T010661",
"2040",
"2084",
"T032354",
"138491",
"T000700",
"T002207",
"95918",
"310725",
"T002323",
"T003290",
"T003053",
"T007521",
"67646",
"T003005",
"2056",
"189046",
"T000614",
"T040074",
"T000855",
"2002",
"T001665",
"T001664",
"T001069",
"T001663",
"177610",
"18557",
"T008530",
"153141",
"T007044",
"161504",
"T004484",
"T007633",
"131351",
"T008769",
"T008528",
"T004721",
"T009615",
"205828",
"T004723",
"2143",
"2142",
"2186",
"160893",
"T008529",
"T038870",
"196900",
"170497",
"201470",
"T001411",
"T001530",
"T003390",
"171387",
"1727",
"1889"
]
},
"release_date": "2016-09-22T22:00:00.000+00:00",
"title": "CVE-2016-6308"
},
{
"cve": "CVE-2016-2178",
"product_status": {
"known_affected": [
"2070",
"T001160",
"157037",
"T003343",
"T009408",
"T008638",
"T006616",
"2153",
"T006618",
"T006617",
"T004914",
"148715",
"T000756",
"T038286",
"T001721",
"T000752",
"5930",
"T008871",
"T002252",
"T001162",
"190829",
"T006486",
"T003254",
"T008147",
"T003851",
"T008429",
"64489",
"110495",
"110496",
"161441",
"2040",
"2084",
"T032354",
"138491",
"T000700",
"T002207",
"95918",
"310725",
"T002323",
"T003290",
"T003053",
"T007521",
"67646",
"T003005",
"2056",
"189046",
"T000614",
"T040074",
"2002",
"T001665",
"T001664",
"T001069",
"T001663",
"177610",
"18557",
"T008530",
"153141",
"T007044",
"161504",
"T004484",
"T007633",
"131351",
"T008769",
"T008528",
"T004721",
"T009615",
"205828",
"T004723",
"2143",
"2142",
"2186",
"160893",
"T008529",
"T038870",
"196900",
"170497",
"201470",
"T001411",
"T001530",
"T003390",
"171387",
"1727",
"1889"
]
},
"release_date": "2016-09-22T22:00:00.000+00:00",
"title": "CVE-2016-2178"
}
]
}
WID-SEC-W-2024-1277
Vulnerability from csaf_certbund - Published: 2017-04-18 22:00 - Updated: 2024-11-11 23:00Summary
Oracle Fusion Middleware: Mehrere Schwachstellen
Severity
Kritisch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Fusion Middleware bündelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um dadurch die Integrität, Vertraulichkeit und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
In Oracle Fusion Middleware existieren mehrere nicht näher beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Integrity", "Confidentiality" und "Availability" und bewirkt damit eine "hohe" Schadenshöhe.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle WebCenter Sites
Oracle
|
cpe:/a:oracle:webcenter_sites:-
|
— | |
|
Oracle Fusion Middleware
Oracle
|
cpe:/a:oracle:fusion_middleware:-
|
— |
References
4 references
{
"document": {
"aggregate_severity": {
"text": "kritisch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Fusion Middleware b\u00fcndelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um dadurch die Integrit\u00e4t, Vertraulichkeit und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1277 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2024-1277.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1277 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1277"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2017 - Oracle Fusion Middleware vom 2017-04-18",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixFMW"
},
{
"category": "external",
"summary": "CISA Known Exploited Vulnerabilities Catalog vom 2024-06-03",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"source_lang": "en-US",
"title": "Oracle Fusion Middleware: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-11-11T23:00:00.000+00:00",
"generator": {
"date": "2024-11-12T10:06:32.931+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-1277",
"initial_release_date": "2017-04-18T22:00:00.000+00:00",
"revision_history": [
{
"date": "2017-04-18T22:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2017-04-18T22:00:00.000+00:00",
"number": "2",
"summary": "n"
},
{
"date": "2017-04-18T22:00:00.000+00:00",
"number": "3",
"summary": "Version nicht vorhanden"
},
{
"date": "2024-06-03T22:00:00.000+00:00",
"number": "4",
"summary": "Aktive Ausnutzung gemeldet"
},
{
"date": "2024-11-11T23:00:00.000+00:00",
"number": "5",
"summary": "Korrektur"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Fusion Middleware",
"product": {
"name": "Oracle Fusion Middleware",
"product_id": "T006198",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:-"
}
}
},
{
"category": "product_name",
"name": "Oracle WebCenter Sites",
"product": {
"name": "Oracle WebCenter Sites",
"product_id": "T009734",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:webcenter_sites:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-1007",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2012-1007"
},
{
"cve": "CVE-2014-0114",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2014-0114"
},
{
"cve": "CVE-2015-5351",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2015-5351"
},
{
"cve": "CVE-2015-7501",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2015-7501"
},
{
"cve": "CVE-2016-0706",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-0706"
},
{
"cve": "CVE-2016-0714",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-0714"
},
{
"cve": "CVE-2016-0763",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-0763"
},
{
"cve": "CVE-2016-1181",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-1181"
},
{
"cve": "CVE-2016-1182",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-1182"
},
{
"cve": "CVE-2016-2177",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-2177"
},
{
"cve": "CVE-2016-2178",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-2178"
},
{
"cve": "CVE-2016-2179",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-2179"
},
{
"cve": "CVE-2016-2180",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-2180"
},
{
"cve": "CVE-2016-2181",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-2181"
},
{
"cve": "CVE-2016-2182",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-2182"
},
{
"cve": "CVE-2016-2183",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-2183"
},
{
"cve": "CVE-2016-6302",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-6302"
},
{
"cve": "CVE-2016-6303",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-6303"
},
{
"cve": "CVE-2016-6304",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-6304"
},
{
"cve": "CVE-2016-6305",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-6305"
},
{
"cve": "CVE-2016-6306",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-6306"
},
{
"cve": "CVE-2016-6307",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-6307"
},
{
"cve": "CVE-2016-6308",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-6308"
},
{
"cve": "CVE-2016-6309",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-6309"
},
{
"cve": "CVE-2016-7052",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2016-7052"
},
{
"cve": "CVE-2017-3230",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3230"
},
{
"cve": "CVE-2017-3499",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3499"
},
{
"cve": "CVE-2017-3506",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3506"
},
{
"cve": "CVE-2017-3507",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3507"
},
{
"cve": "CVE-2017-3531",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3531"
},
{
"cve": "CVE-2017-3540",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3540"
},
{
"cve": "CVE-2017-3541",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3541"
},
{
"cve": "CVE-2017-3542",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3542"
},
{
"cve": "CVE-2017-3543",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3543"
},
{
"cve": "CVE-2017-3545",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3545"
},
{
"cve": "CVE-2017-3553",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3553"
},
{
"cve": "CVE-2017-3554",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3554"
},
{
"cve": "CVE-2017-3591",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3591"
},
{
"cve": "CVE-2017-3593",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3593"
},
{
"cve": "CVE-2017-3594",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3594"
},
{
"cve": "CVE-2017-3595",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3595"
},
{
"cve": "CVE-2017-3596",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3596"
},
{
"cve": "CVE-2017-3597",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3597"
},
{
"cve": "CVE-2017-3598",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3598"
},
{
"cve": "CVE-2017-3601",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3601"
},
{
"cve": "CVE-2017-3602",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3602"
},
{
"cve": "CVE-2017-3603",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3603"
},
{
"cve": "CVE-2017-3625",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3625"
},
{
"cve": "CVE-2017-3626",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-3626"
},
{
"cve": "CVE-2017-5638",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere nicht n\u00e4her beschriebene Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Integrity\", \"Confidentiality\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T009734",
"T006198"
]
},
"release_date": "2017-04-18T22:00:00.000+00:00",
"title": "CVE-2017-5638"
}
]
}
WID-SEC-W-2025-1459
Vulnerability from csaf_certbund - Published: 2025-07-03 22:00 - Updated: 2025-07-03 22:00Summary
Dell Data Protection Advisor: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Data Protection Advisor ist eine Monitoring Lösung. Der Collector ist der lokale Agent.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Dell Data Protection Advisor ausnutzen, um beliebigen Programmcode auszuführen, um einen Denial of Service Angriff durchzuführen, und um weitere nicht näher spezifizierte Angriffe durchzuführen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12 SP 1
Dell / Data Protection Advisor
|
<19.12 SP 1 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Data Protection Advisor ist eine Monitoring L\u00f6sung. Der Collector ist der lokale Agent.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Dell Data Protection Advisor ausnutzen, um beliebigen Programmcode auszuf\u00fchren, um einen Denial of Service Angriff durchzuf\u00fchren, und um weitere nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1459 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1459.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1459 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1459"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-276 vom 2025-07-03",
"url": "https://www.dell.com/support/kbdoc/000340538"
}
],
"source_lang": "en-US",
"title": "Dell Data Protection Advisor: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-07-03T22:00:00.000+00:00",
"generator": {
"date": "2025-07-04T08:09:43.042+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1459",
"initial_release_date": "2025-07-03T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-07-03T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c19.12 SP 1",
"product": {
"name": "Dell Data Protection Advisor \u003c19.12 SP 1",
"product_id": "T045044"
}
},
{
"category": "product_version",
"name": "19.12 SP 1",
"product": {
"name": "Dell Data Protection Advisor 19.12 SP 1",
"product_id": "T045044-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:data_protection_advisor:19.12_sp_1"
}
}
}
],
"category": "product_name",
"name": "Data Protection Advisor"
}
],
"category": "vendor",
"name": "Dell"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-0340",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2013-0340"
},
{
"cve": "CVE-2013-1624",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2013-1624"
},
{
"cve": "CVE-2014-3577",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2014-3577"
},
{
"cve": "CVE-2015-3193",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2015-3193"
},
{
"cve": "CVE-2015-3194",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2015-3194"
},
{
"cve": "CVE-2015-5262",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2015-5262"
},
{
"cve": "CVE-2016-0705",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2016-0705"
},
{
"cve": "CVE-2016-0797",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2016-0797"
},
{
"cve": "CVE-2016-0798",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2016-0798"
},
{
"cve": "CVE-2016-0799",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2016-0799"
},
{
"cve": "CVE-2016-2842",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2016-2842"
},
{
"cve": "CVE-2016-6306",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2016-6306"
},
{
"cve": "CVE-2017-3731",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2017-3731"
},
{
"cve": "CVE-2017-3732",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2017-3732"
},
{
"cve": "CVE-2018-5968",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2018-5968"
},
{
"cve": "CVE-2018-7489",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2018-7489"
},
{
"cve": "CVE-2019-16869",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2019-16869"
},
{
"cve": "CVE-2019-20444",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2019-20444"
},
{
"cve": "CVE-2019-20445",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2019-20445"
},
{
"cve": "CVE-2020-10683",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2020-10683"
},
{
"cve": "CVE-2020-11023",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2020-11023"
},
{
"cve": "CVE-2020-11612",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2020-11612"
},
{
"cve": "CVE-2020-25649",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2020-25649"
},
{
"cve": "CVE-2020-36518",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2020-36518"
},
{
"cve": "CVE-2021-21290",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-21290"
},
{
"cve": "CVE-2021-21295",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-21295"
},
{
"cve": "CVE-2021-21409",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-21409"
},
{
"cve": "CVE-2021-22696",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-22696"
},
{
"cve": "CVE-2021-30468",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-30468"
},
{
"cve": "CVE-2021-3597",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-3597"
},
{
"cve": "CVE-2021-3629",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-3629"
},
{
"cve": "CVE-2021-3690",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-3690"
},
{
"cve": "CVE-2021-3711",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-3711"
},
{
"cve": "CVE-2021-37136",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-37136"
},
{
"cve": "CVE-2021-37137",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-37137"
},
{
"cve": "CVE-2021-3859",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-3859"
},
{
"cve": "CVE-2021-40690",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-40690"
},
{
"cve": "CVE-2021-43797",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-43797"
},
{
"cve": "CVE-2021-46877",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2021-46877"
},
{
"cve": "CVE-2022-1259",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-1259"
},
{
"cve": "CVE-2022-1319",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-1319"
},
{
"cve": "CVE-2022-2053",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-2053"
},
{
"cve": "CVE-2022-24823",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-24823"
},
{
"cve": "CVE-2022-2764",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-2764"
},
{
"cve": "CVE-2022-40152",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-40152"
},
{
"cve": "CVE-2022-41881",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-41881"
},
{
"cve": "CVE-2022-42003",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-42003"
},
{
"cve": "CVE-2022-42004",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-42004"
},
{
"cve": "CVE-2022-46363",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-46363"
},
{
"cve": "CVE-2022-46364",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-46364"
},
{
"cve": "CVE-2022-46908",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2022-46908"
},
{
"cve": "CVE-2023-0482",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2023-0482"
},
{
"cve": "CVE-2023-1108",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2023-1108"
},
{
"cve": "CVE-2023-3223",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2023-3223"
},
{
"cve": "CVE-2023-34462",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2023-34462"
},
{
"cve": "CVE-2023-44483",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2023-44483"
},
{
"cve": "CVE-2024-1459",
"product_status": {
"known_affected": [
"T045044"
]
},
"release_date": "2025-07-03T22:00:00.000+00:00",
"title": "CVE-2024-1459"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…